<~XSIAM>

The AWS CloudTrail pack contains the following:

• Integration for interacting with a trail on AWS via an automation (Playbooks, Playground, etc.). See the AWS - CloudTrail integration docs for additional details.
• Data normalization rules for parsing and modeling AWS CloudTrail Audit Logs that are ingested into the amazon_aws_raw dataset via the Amazon S3 data source on Cortex XSIAM. See Ingest audit logs from AWS Cloud Trail for configuration details. When configuring the Amazon S3 data source on Cortex XSIAM, select the Audit Logs log type:

</~XSIAM>