Audit Package - Manual Setup Instructions


Manual Setup

Welcome to Threat Stack. These instructions will guide you through setting up Configuration Auditing and CloudTrail monitoring the manual way. If you wish to set up using a CloudFormation template, click here

1. Set Up Configuration Auditing and EC2 Sync
5 minutes
Click here for detailed, step-by-step instructions 
Allow Threat Stack to fetch details about your AWS account for both Configuration Auditing and EC2 sync features. EC2 sync pulls in EC2 instance metadata to provide a convenient, consolidated view of all instances across accounts.

2. Run a Configuration Audit and Review Your Results
5 minutes
Click here for detailed, step-by-step instructions 
Perform a first audit of your AWS environment.

3. Add CloudTrail Alerting
5-10 minutes
Click here for detailed, step-by-step instructions 
Enable CloudTrail logging in AWS and grant Threat Stack the permissions it needs to begin alerting on them.

4. View CloudTrail Alerts, Add Suppressions and Customize Rules
10 minutes
Click for detailed, step-by-step instructions on:
Viewing and suppressing CloudTrail alerts 
Customizing and writing new CloudTrail rules 
Because Threat Stack provides a comprehensive set of default rules, this step does not need to be completed right away. Most users will add suppressions and customize their rules over time.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request



Please sign in to leave a comment.