Verified Access logging versions
By default, the Verified Access logging system uses Open Cybersecurity Schema Framework (OCSF) version 0.1. For sample logs that use version 0.1 see OCSF version 0.1 log examples for Verified Access.
The latest logging version is compatible with OCSF version 1.0.0-rc.2. For more
information about the schema, see OCSF Schema
Note that you can't use OCSF version 0.1 if the Verified Access endpoint uses the TCP protocol.
To upgrade the logging version using the console
Open the Amazon VPC console at https://console.aws.amazon.com/vpc/
. -
In the navigation pane, choose Verified Access instances.
-
Select the appropriate Verified Access instance.
-
On the Verified Access instance logging configuration tab, choose Modify Verified Access instance logging configuration.
-
Select ocsf-1.0.0-rc.2 from the Update log version drop-down list.
-
Choose Modify Verified Access instance logging configuration.
To upgrade the logging version using the AWS CLI
Use the modify-verified-access-instance-logging-configuration