The Umbrella User Guide Developer Hub

Welcome to the Umbrella User Guide developer hub. You'll find comprehensive guides and documentation to help you start working with Umbrella User Guide as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Enable Logging to a Cisco-managed S3 Bucket

Prerequisites

  • Full administrative access to Cisco Umbrella.

Enable Logging

  1. Navigate to Admin > Log Management and select Use a Cisco-managed Amazon S3 bucket.
  1. Select a Region and a Retention Duration.
  • Select a Region—Regional endpoints are important because they minimize latency when downloading logs to your servers. The regions match those available in Amazon S3, however not all regions are available. For example, China is not listed.
    Pick the region that's closest to you from the dropdown. If you wish to change your region in the future, you will need to delete your current settings and start over.
  • Select a Retention Duration—Select 7, 14, or 30 days. Beyond the selected time period, all data is purged and cannot be retrieved. We recommend a smaller time period if your ingestion cycle is regular. The retention duration can be changed at any time.
  1. Click Save and then Continue to confirm your settings.

Umbrella activates its ability to export to an AWS S3 account. When activation is complete, the Amazon S3 Summary page appears.

  1. Copy credentials from this page and store them in a safe place. This is the only time that the Access and Secret keys are made available to you. These keys are required to access your S3 bucket and download logs. If you lose these keys they must be regenerated.
  2. Once keys are copied and safe, check Got it and then click Continue.
    Note: Continue is unavailable until you check Got it.

Enable Logging to Your Own S3 Bucket < Enable Logging to a Cisco-managed S3 Bucket > Change the Location of Event Data Logs

Updated 3 months ago

Enable Logging to a Cisco-managed S3 Bucket


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.