Skip to content

Commit

Permalink
Merge pull request #8210 from ministryofjustice/feature/7607-stream-f…
Browse files Browse the repository at this point in the history 
…irewall-logs

Stream firewall logs to XSIAM endpoint
  • Loading branch information
@dms1981
dms1981 authored Oct 8, 2024
2 parents 9c5a750 + a11874f commit 3608615
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 0 deletions.
7 changes: 7 additions & 0 deletions terraform/environments/core-network-services/logging.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,3 +26,10 @@ resource "aws_route53_resolver_query_log_config_association" "core_logging" {
resolver_query_log_config_id = each.value.rlq_id
resource_id = each.value.vpc_id
}

module "stream_firewall_logs" {
source = "github.com/ministryofjustice/modernisation-platform-terraform-aws-data-firehose?ref=cebe39c438390ffb5355827ec9469cfe9b09c22c" # v1.2.1
cloudwatch_log_group_names = [module.vpc_inspection["live_data"].fw_cloudwatch_name, aws_cloudwatch_log_group.external_inspection.name]
destination_http_endpoint = data.aws_ssm_parameter.cortex_xsiam_endpoint.value
tags = local.tags
}
5 changes: 5 additions & 0 deletions terraform/environments/core-network-services/ssm.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,3 +2,8 @@ data "aws_ssm_parameter" "core_logging_bucket_arns" {
provider = aws.modernisation-platform
name = "core_logging_bucket_arns"
}

data "aws_ssm_parameter" "cortex_xsiam_endpoint" {
provider = aws.modernisation-platform
name = "cortex_xsiam_endpoint"
}

0 comments on commit 3608615

Please sign in to comment.