activity_dashboard_client_error_countactivity_dashboard_redirect_countactivity_dashboard_requests_by_bucketactivity_dashboard_requests_by_dayactivity_dashboard_requests_by_erroractivity_dashboard_requests_by_operationactivity_dashboard_requests_by_requesteractivity_dashboard_requests_by_source_ipactivity_dashboard_requests_by_status_categoryactivity_dashboard_server_error_countactivity_dashboard_success_countactivity_dashboard_top_10_error_urisactivity_dashboard_top_10_keysactivity_dashboard_top_10_successful_urisactivity_dashboard_total_requestss3_bucket_accessed_using_insecure_tls_versions3_object_accessed_outside_business_hourss3_object_accessed_using_insecure_tls_versions3_object_accessed_using_suspicious_user_agents3_object_accessed_with_large_request_sizes3_object_accessed_with_large_response_size
Queries in AWS S3 Server Access Log Detections
The AWS S3 Server Access Log Detections mod includes 21 queries:
- activity_dashboard_client_error_count
- activity_dashboard_redirect_count
- activity_dashboard_requests_by_bucket
- activity_dashboard_requests_by_day
- activity_dashboard_requests_by_error
- activity_dashboard_requests_by_operation
- activity_dashboard_requests_by_requester
- activity_dashboard_requests_by_source_ip
- activity_dashboard_requests_by_status_category
- activity_dashboard_server_error_count
- activity_dashboard_success_count
- activity_dashboard_top_10_error_uris
- activity_dashboard_top_10_keys
- activity_dashboard_top_10_successful_uris
- activity_dashboard_total_requests
- s3_bucket_accessed_using_insecure_tls_version
- s3_object_accessed_outside_business_hours
- s3_object_accessed_using_insecure_tls_version
- s3_object_accessed_using_suspicious_user_agent
- s3_object_accessed_with_large_request_size
- s3_object_accessed_with_large_response_size