S3
Learn how to set up S3 buckets to receive notifications from cside.
Using AWS S3 Buckets
Follow the prompts and input your S3 bucket information (S3 Bucket Name, Region and path if applicable):
- Navigate to your Domain Settings and select the Notifications tab
- Click Create Notification Endpoint
- Select S3 from the options (this connects to an S3 bucket to store notifications in an object storage service)
- Click Next to proceed to the configuration screen
- Enter your S3 bucket details:
- S3 Bucket Name: Your AWS S3 bucket name
- Region: The AWS region where your bucket is located
- Path (optional): A specific path within the bucket if applicable
S3 Bucket Policy
You will be presented with a JSON object like the one below with the resource path updated. Apply this to your S3 bucket settings to start ingesting alerts from your domains.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowCsideNotificationExport",
"Effect": "Allow",
"Action": ["s3:PutObject"],
"Resource": "arn:aws:s3:::notifications-engine-test/*",
"Principal": {
"AWS": ["arn:aws:iam::590183952644:role/prod-cside-notifications-engine-sa-role"]
}
}
]
}Important
Make sure to update the Resource field in the policy to match your S3 bucket ARN (e.g., arn:aws:s3:::your-bucket-name/*).
Start receiving notifications
Webhook alerts will be sent in the following format, while CSV files ingested by AWS S3 buckets will have the same information in a column format.
{
"type": "HASH",
"domain": "beverage.ltd",
"target": "d6647696984a8df4df40ec2d6af8602ce9e6e239707f02851cbedeec601cccf3",
"action": "alert"
}Email Notifications
Email notifications will still be enabled by default, and mail forwarding rules can be added under the 'Forwarded Notification Emails' section just below the endpoint settings. This will allow you to specify other email addresses that should receive alerts like a ticketing or SIEM system.
How is this doc?