This topic highlights possible problems that you may encounter with AWS (CloudTrail) Collection and suggested solutions to these problems.
Note: In general, you receive more robust log messages by disabling SSL.
|No bucket key found under 'arn:aws:s3:::bucket-name/AWSLogs/account-id/CloudTrail/region/'. Determine if the 'S3 Bucket Name' for CloudTrail is configured and that 'Account Id' and 'Region' are correct. Also determine if the CloudTrail account is configured with a 'Log File Prefix' and if so, it is also defined correctly for this event source.|
|Possible Cause||The S3 Bucket Name parameter and its associated parameters are not configured correctly.|
For the event source that returned this message:
When you try to create a Plugins event source, you receive the following error message:
Parameter start_date: Invalid dateTime 2015-03-16T23:36:52.000Z :
|Possible Cause|| |
You selected an invalid Start Date, a date that Security Analytics determined was not in the past. For example:
There are two reasons why this occurred:
|Solution||Make sure that your hosts are time synced. Select a date in the past for the Start Date.|