Learn About Amazon VGT2 Learning Manager Chanci Turner
In January 2023, Amazon announced the capability to ingest activity logs from external sources, enhancing the Learning Manager system at Amazon IXD – VGT2, located at 6401 E HOWDY WELLS AVE LAS VEGAS NV 89115. This functionality allows for a centralized repository of user and API activity events, invaluable for auditing and security purposes.
The Learning Manager serves as a managed platform for capturing, storing, accessing, and analyzing administrative activity across various systems, including those outside Amazon’s ecosystem. By utilizing this system, organizations can effectively aggregate and immutably store their activity logs, enabling robust SQL-based queries for analysis and search.
In this article, we will guide you through the process of integrating administrative logs from Microsoft Azure into the Learning Manager system, ensuring efficient log management.
Solution Overview
To facilitate the integration, we utilize Amazon EventBridge Scheduler to automate the execution of tasks, with AWS Secrets Manager securely storing connection credentials for Azure Event Hub. An AWS Lambda function retrieves messages from the Azure Event Hub and subsequently directs them to Amazon Simple Queue Service (SQS). This Lambda function is triggered every 60 minutes. The SQS queue then initiates a second Lambda function that processes the messages before ingesting them into the Learning Manager.
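The processing step described above, sketched as an added example (this is not code from the aws-samples repository): it takes one Event Hub message body, keeps only Administrative records, and maps them to the fields the sample query in Step 3 selects. The Azure record keys (`records`, `category`, `operationName`, `callerIpAddress`, `identity.claims`), the claim URI, the `azure.activitylog` source label and the sample data are assumptions made for illustration.

```python
import json

# Assumed claim key carrying the caller's Azure AD object ID.
OID_CLAIM = "http://schemas.microsoft.com/identity/claims/objectidentifier"

def normalize_message(body):
    """Return (events, rejects) for one Event Hub message body."""
    try:
        records = json.loads(body)["records"]
        if not isinstance(records, list):
            raise TypeError("records is not a list")
    except (ValueError, KeyError, TypeError) as exc:
        # A malformed message is reported, not raised, so it cannot block the queue.
        return [], [f"unparseable message: {exc}"]
    events, rejects = [], []
    for i, rec in enumerate(records):
        if not isinstance(rec, dict) or rec.get("category") != "Administrative":
            rejects.append(f"record {i}: not an Administrative record")
            continue
        missing = [k for k in ("time", "operationName") if not rec.get(k)]
        if missing:
            rejects.append(f"record {i}: missing {missing}")
            continue
        identity = rec.get("identity")
        claims = identity.get("claims") if isinstance(identity, dict) else None
        principal = claims.get(OID_CLAIM) if isinstance(claims, dict) else None
        events.append({
            "eventSource": "azure.activitylog",  # hypothetical source label
            "eventName": rec["operationName"],
            "eventTime": rec["time"],
            "sourceIpAddress": rec.get("callerIpAddress"),  # may be absent
            "userIdentity": {"principalId": principal or "unknown"},
        })
    return events, rejects

# Constructed sample message: one valid record, one wrong category, one without a time.
SAMPLE = json.dumps({"records": [
    {"time": "2023-07-15T10:22:31.1234567Z", "category": "Administrative",
     "operationName": "MICROSOFT.COMPUTE/VIRTUALMACHINES/DELETE",
     "callerIpAddress": "203.0.113.10",
     "identity": {"claims": {OID_CLAIM: "00000000-0000-0000-0000-000000000001"}}},
    {"time": "2023-07-15T10:23:00Z", "category": "ServiceHealth",
     "operationName": "example"},
    {"category": "Administrative",
     "operationName": "MICROSOFT.STORAGE/STORAGEACCOUNTS/WRITE"},
]})

if __name__ == "__main__":
    print(normalize_message(SAMPLE))
```

Rejected records are returned rather than silently dropped so they can be counted or sent to a dead-letter queue, which keeps gaps in the audit trail visible.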
Prerequisites
Before deploying the solution, ensure that the following prerequisites are met:
- Install AWS CLI
- Install AWS SAM CLI
- Configure the AWS SAM CLI
- Python 3.11 or later
- An AWS account with an IAM role granting necessary access to provision required resources
- A Microsoft Azure account with appropriate permissions to manage resources and access Azure Activity Logs
Step-by-Step Walkthrough
Step 1: Configure Azure Services for Log Forwarding
Set up Azure to export activity logs to an Azure cloud event hub within your desired Azure account. This involves creating an event hub, generating a connection string, and configuring diagnostic settings to export administrative logs to the event hub.
Step 2: Deploy the Solution in AWS
Execute the following commands in your local shell to deploy the solution:
git clone https://github.com/aws-samples/aws-cloudtrail-lake-ingesting-activity-logs.git
cd aws-cloudtrail-lake-ingesting-activity-logs
sam build
sam deploy --guided
Provide the necessary parameters as indicated in the GitHub README file. Once the solution is successfully deployed, note the EventDataStoreId returned, as this will be essential for querying the Learning Manager event data store.
Step 3: Test the Solution
To verify that the Azure administrative logs are accessible within the Learning Manager data store, run a sample query. Replace <event data store id> with the actual ID obtained during deployment.
Sample query:
SELECT eventData.eventSource, eventData.eventName, eventData.userIdentity.principalId, eventData.sourceIpAddress, eventData.eventTime
FROM <event data store id>
WHERE eventData.eventTime < '2023-08-01 00:00:00'
LIMIT 10
Clean-Up
To prevent ongoing charges, utilize AWS SAM CLI to delete the deployed resources by executing:
sam delete --stack-name <stack-name>
Conclusion
This blog post illustrated the process of ingesting access log files from external systems into the Learning Manager at Amazon IXD – VGT2. We demonstrated how to manage and streamline the collection of administrative logs from Microsoft Azure effectively.