⚠️ AWS VPC Flow Logs
⚠️ Unpublished: This item is from a solution that is not yet published on Azure Marketplace or not installed in Content Hub.
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Publisher | Microsoft Corporation |
| Support Tier | Microsoft |
| Support Link | https://support.microsoft.com |
| Categories | domains |
| Version | 3.0.0 |
| Author | Microsoft |
| First Published | 2025-07-30 |
| Solution Folder | AWS VPC Flow Logs |
Amazon Web Services S3 VPC Flow Logs Solution for Microsoft Sentinel provides data connector to ingest AWS VPC Flow Logs into Microsoft Sentinel.
Additional Information
- 📖 Setup Guide: Connect Microsoft Sentinel to AWS - Configure your AWS environment for Microsoft Sentinel integration
- 📖 Troubleshooting: Troubleshoot AWS S3 connector issues - Resolve common AWS S3 connector problems
Contents
Data Connectors
This solution provides 1 data connector(s):
Tables Used
This solution uses 1 table(s):
| Table | Used By Connectors | Used By Content |
|---|---|---|
AWSVPCFlow |
Amazon Web Services S3 VPC Flow Logs | - |
Additional Documentation
📄 Source: AWS VPC Flow Logs/README.md
1. Polling Configuration Fix
Due to a bug in CCF (Common Collection Framework), you must set the destination table to null in the polling configuration file:
"destinationTable": null
2. Main Template File Format Update
In the mainTemplate.json file, update the fileFormat parameter as shown below, then update the zip package with the modified template:
"fileFormat": {
"defaultValue": [
"Json"
],
"type": "array",
"minLength": 1
}
Post-Update Steps
After making these changes, ensure you update the solution package (zip file) with the modified mainTemplate.json file.
Release Notes
| Version | Date Modified (DD-MM-YYYY) | Change History |
|---|---|---|
| 3.0.0 | 25-07-2025 | New Data Connector, Preview |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊