ELK: AWS CloudTrail PowerPack Release Notes, version 100

Version 100 of the ELK: AWS CloudTrail PowerPack is the initial version of the PowerPack, which provides additional data for Amazon Web Services (AWS) component devices that are part of an Elasticsearch, Logstash, and Kibana (ELK) stack. This version includes Dynamic Applications, an Event Policy, a sample Credential, and Run Book Policies/Actions that enable you to monitor and align AWS CloudTrail data from Logstash.

  • Minimum Required SL1 Version: 8.4.3

Before You Install

Ensure that you are running version 8.4.3 or later of SL1 before installing the "ELK: AWS CloudTrail" PowerPack version 100.

For details on upgrading SL1, see the relevant SL1 Platform Release Notes.

Installation Process

To install version 100 of the ELK: AWS CloudTrail PowerPack, perform the following steps:

  1. Familiarize yourself with the Known Issues for this release.
  2. See the Before You Install or Upgrade section. If you have not done so already, upgrade your system to the 8.4.3 or later release.
  3. Download the "ELK: AWS CloudTrail" version 100 PowerPack from the Support Site to a local computer.
  4. Go to the PowerPack Manager page (System > Manage > PowerPacks). Click the Actions menu and choose Import PowerPack. When prompted, import "ELK: AWS CloudTrail" version 100.
  5. Click the Install button. For details on installing PowerPacks, see the chapter on Installing a PowerPack in the PowerPacks manual.

See the manual Monitoring AWS ELK Stacks for instructions on using the new PowerPack.

Features

This release includes the following features:

  • Three Dynamic Applications that align to AWS component devices in ELK stacks and then monitor CloudTrail logs and state changes on EC2 instances:
      • ELK: AWS Alignment
      • ELK: AWS CloudTrail
      • ELK: AWS CloudTrail EC2 Stats
  • An Event Policy that notifies users when the ELK Dynamic Applications have aligned to AWS components.
  • A sample Credential that you can use to create Basic/Snippet credentials to monitor AWS ELK stacks.
  • Run Book Policies/Actions that align the ELK Dynamic Applications to AWS components and update the alignment status on the ScienceLogic Data Collector or All-In-One Appliance.

Known Issues

This release has no known issues.