Logging versions

By default, the Verified Access logging system uses Open Cybersecurity Schema Framework (OCSF) version 0.1. Sample logs using version 0.1 can be seen in the OCSF version 0.1 examples section.

The latest logging version is compatible with OCSF version 1.0.0-rc.2. Specific details on the on the schema can be found here OCSF Schema. Sample logs using version 1.0.0-rc.2 can be seen in the OCSF version 1.0.0-rc.2 examples section.

Upgrade logging version

If you want to upgrade the logging version being used, follow the procedure below.

To upgrade the logging version using the console

Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.
In the navigation pane, choose Verified Access instances.
Select the appropriate Verified Access instance.
On the Verified Access instance logging configuration tab, choose Modify Verified Access instance logging configuration.
Select ocsf-1.0.0-rc.2 from the Update log version drop-down list.
Choose Modify Verified Access instance logging configuration.

To upgrade the logging version using the AWS CLI

Use the modify-verified-access-instance-logging-configuration command.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Verified Access logs

Logging permissions