Verified Access logging versions
By default, the Verified Access logging system uses Open Cybersecurity Schema Framework (OCSF) version 0.1. Sample logs using version 0.1 can be seen in the OCSF version 0.1 log examples for Verified Access section.
The latest logging version is compatible with OCSF version 1.0.0-rc.2. Specific details on the on the schema can be found here OCSF Schema
If you want to upgrade the logging version being used, use the following procedure.
To upgrade the logging version using the console
Open the Amazon VPC console at https://console.aws.amazon.com/vpc/
. -
In the navigation pane, choose Verified Access instances.
-
Select the appropriate Verified Access instance.
-
On the Verified Access instance logging configuration tab, choose Modify Verified Access instance logging configuration.
-
Select ocsf-1.0.0-rc.2 from the Update log version drop-down list.
-
Choose Modify Verified Access instance logging configuration.
To upgrade the logging version using the AWS CLI
Use the modify-verified-access-instance-logging-configuration command.