Contact UsGet started

Uploading Yandex Audit Trails audit logs to KUMA SIEM

Written by
Updated at March 31, 2025

In this tutorial, you will create an Audit Trails trail to provide audit logs to the KUMA collector.

The solution described in the tutorial works as follows:

  1. A trail uploads logs to an Yandex Object Storage bucket with encryption enabled.
  2. The bucket is mounted as a part of the file system on the server with the KUMA collector installed.
  3. The KUMA collector receives event data from the mounted bucket and forwards it for processing.

You can use the following tools to create an audit log upload infrastructure:

  • Management console, CLI: Use the Yandex Cloud management console, CLI, or API to create your infrastructure step by step.
  • Terraform: Streamline creating and managing your resources with the infrastructure as code (IaC) approach. Download a Terraform configuration example and deploy your infrastructure using the Yandex Cloud Terraform provider.
Previous
Uploading audit logs to ArcSight SIEM
Next
Uploading audit logs to KUMA SIEM using the management console, CLI, or API