Breaking News from AWS re:Invent
Coralogix receives AWS Rising Star award!
The Coralogix STA (Security Traffic Analyzer) is a tool by Coralogix for deep packet inspection, packet capturing, cloud configuration vulnerability scanning, and more.
For additional information see the introduction doc.
In addition, STA can be installed in a limited internet access environment.
Before you install the STA please make sure the following requests are met:
C4, D2, G3, G3s, H1, I3, M4, P2, P3, R4, X1, X1e, A1, C5, C5d, C5n, I3en, M5, M5a, M5ad, M5d, p3dn.24xlarge, R5, R5a, R5ad, R5d, T3, T3a, and z1d.
sta-ng.tf
values.auto.tfvars
terraform init
from the same folderterraform plan
and examine the changes that are going to be applied to your environmentterraform apply
from the same folder and approve the changespasswd
and change the default password of the ubuntu userSTA requires access to S3 for its config files. In some environments Internet outbound access is required to be limited to specific IPs, which means no access to public S3 will be available. In order to allow connectivity using amazon private network – Set a designated VPC gateway endpoint that connects your VPC directly to Amazon S3.
* Make sure your VPC’s route table contains Coralogix’s endpoints.
* In addition, in such environments the following enrichment services will not work: dns-rbls, unshorten-url, nist-cpe
, also updates to Suricata
service will fail.
After installing the STA, you can move forward in one of the following ways (or all of them) to get the most out of your newly installed STA:
sta-get-installation-id
and copy the uuid that is displayed on the screen and save it in a safe place. This key is required to login to the STA with administrative privileges which might be needed as part of a troubleshooting session.sta-acknowledge-installation-id
and carefully follow the instructions on the screen to remove the installation ID from the STAIf you have any questions or need any additional help, please contact our support team via our 24/7 in-app chat!