Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Creating a CloudWatch Events Rule

 

You need to configure a CloudWatch Events rule to get Amazon AWS Security Hub events and forward the events to the CloudWatch Logs.

Ensure that you complete the following tasks:

  1. Creating an IAM role for the Lambda function

  2. Creating a Lambda function

  1. Log in to your CloudWatch console (https://console.aws.amazon.com/cloudwatch/).
  2. Click Events > Rules in the navigation pane.
  3. Click Create rule.
  4. In the Create Rule pane, in Event Source, select the following field values:

    Table 1: CloudWatch Events Rule

    Field

    Value

    Service Name

    Security Hub

    Event Type

    All Events

  5. In the Targets pane, click Add targets.
  6. Select Lambda function.
  7. In the Function field, select the function that you created when you completed the Creating a Lambda function procedure.
  8. Click Configure details to open the Configure rule details pane.
  9. In the Configure rule details pane, type a name, such as AWSSecurityHubToJSA.
  10. Click Create rule.