Verified Access logging versions - AWS Verified Access

Verified Access logging versions

By default, the Verified Access logging system uses Open Cybersecurity Schema Framework (OCSF) version 0.1. Sample logs using version 0.1 can be seen in the OCSF version 0.1 log examples for Verified Access section.

The latest logging version is compatible with OCSF version 1.0.0-rc.2. Specific details on the on the schema can be found here OCSF Schema. Sample logs using version 1.0.0-rc.2 can be seen in the OCSF version 1.0.0-rc.2 log examples for Verified Access section.

If you want to upgrade the logging version being used, use the following procedure.

To upgrade the logging version using the console
  1. Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

  2. In the navigation pane, choose Verified Access instances.

  3. Select the appropriate Verified Access instance.

  4. On the Verified Access instance logging configuration tab, choose Modify Verified Access instance logging configuration.

  5. Select ocsf-1.0.0-rc.2 from the Update log version drop-down list.

  6. Choose Modify Verified Access instance logging configuration.

To upgrade the logging version using the AWS CLI

Use the modify-verified-access-instance-logging-configuration command.