CloudTrail SIEM Integration (Splunk)

If you work in a hybrid cloud or multi-cloud architecture, you may want to integrate logs with a security information and event management (SIEM) system. This enables you to monitor telemetry from different cloud providers and your on-premise systems – all from a single tool. This eases log analysis and event correlation. In this lab, you'll go through the steps to integrate AWS with the SIEM tool Splunk.