Uploading audit logs to KUMA SIEM
Updated at January 28, 2025
In this tutorial, you will create an Audit Trails trail to provide audit logs to the KUMA
The solution
- A trail uploads logs to a Yandex Object Storage bucket with encryption enabled.
- The bucket is mounted as a part of the file system on the server with the KUMA collector installed.
- The KUMA collector receives event data from the mounted bucket and forwards it for processing.
You can use the following tools to create an audit log upload infrastructure:
- Management console, CLI: Use the Yandex Cloud management console, CLI, or API to create your infrastructure step by step.
- Terraform: Streamline creating and managing your resources using the infrastructure as code (IaC) approach. Download a Terraform configuration example and then deploy the infrastructure using the Yandex Cloud Terraform provider.