By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Logging IoT Secure Tunnel Connections in Cloudwatch or Similar

0

Hi,

For audit trail/security purposes we would like to store a log of AWS IoT Secure Tunnel instances, including dates, durations, etc. If possible, even the originating IP address.

What would be the easiest way to log IoT Secure Tunnel instances in Cloudwatch ? I can see that tunnels are displayed in the IoT dash, but these disappear if the tunnel is deleted.

Current setup:

  • Secure Tunnel Component deployed via Greengrass
  • Using the provided docker-run.sh / localproxy cli method to connect
  • If we wish to close tunnels before timeout we are using the "close/delete" tunnel method via the AWS dash
Topics
Internet of Things (IoT)
Tags
AWS IoT GreengrassInternet of Things (IoT)
Language
English
AWS-User-9962534
asked 2 years ago236 views
1 Answer
0

Hi. If you have AWS IoT logging enabled (INFO level), Publish-Out events will be logged in the AWSIotLogsV2 log group. When you create/open a tunnel, there will be a Publish-Out event on the $aws/things/thing-name/tunnels/notify topic.

For broader audit trail and compliance scenarios you should probably consider CloudTrail: https://docs.aws.amazon.com/iot/latest/developerguide/iot-using-cloudtrail.html

profile pictureAWS
EXPERT
Greg_B
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content