View security events in AWS CloudWatch

Manage Network Security endpoints in your VPC using AWS CloudWatch and the Network Security management interface. AWS CloudWatch is a tool, provided by Amazon, that enables you to manage your instances within your Amazon account. Use the Network Security management interface in conjunction with CloudWatch to monitor logged threat detection events. Follow the steps below to view security events:

1. Navigate to the AWS management interface and enter your credentials to log in to your AWS account.
2. Select the region that contains the VPC id where you have deployed Network Security endpoints.
3. To view security events, navigate to AWS CloudWatch and search for a log group named NSaaS-{c1-account-id}-{aws-account-id}-{vpc-id}.

View Threat Insights

You can also view a summary of the type of security events blocked by Network Security. Network Security includes a dashboard that displays compiled statistics on the security events from all of your managed virtual appliances during a designated time frame. Learn more about viewing security events in Threat Insights.