Configure a Cisco-Managed S3 Bucket
In Secure Access, create a Cisco-managed Amazon S3 bucket to store the event logs for the organization.
- Navigate to Admin > Log Management, navigate to Amazon S3, and then choose Use a Cisco-managed Amazon S3 bucket.
- Select a Region and a Retention Duration.
-
Select a Region—Regional endpoints are important to minimize latency when downloading logs to your servers. The regions that are listed match those available in Amazon S3. Not all regions are available.
Pick a region that is closest to you. If you wish to change your region in the future, you will need to delete your current settings and start over.
- Select a Retention Duration—Select 7, 14, or 30 days. Beyond the selected time period, all data will be purged and cannot be retrieved. We recommend a smaller time period if your ingestion cycle is regular. The retention duration can be changed at any time.
-
Select a Region—Regional endpoints are important to minimize latency when downloading logs to your servers. The regions that are listed match those available in Amazon S3. Not all regions are available.
- Click Save and then Continue to confirm your settings.
Secure Access activates its ability to export to an AWS S3 account. When activation is complete, the Amazon S3 Summary page appears.
-
Copy credentials from this page and store them in a safe place. This is the only time that the Access and Secret keys are made available to you. These keys are required to access your S3 bucket and download logs. If you lose these keys, they must be regenerated.
-
Once keys are copied and safe, select Got it and then click Continue.
Continue is unavailable until you check Got it.
