Home
Pricing
Github
Slack Channel
Home
Quick Start
Development
Operations
User Guide
Destinations
Analysis
Tutorials
Help
Log Analysis
Overview
Setup
S3 source
SQS source
SNS source
Rules
Supported Logs
Standard Fields
Cloud Security
Overview
Setup
Policies
Built-in Policy Runbooks
Automatic Remediation
Supported Resources
Enterprise
Overview
Data Analytics
SaaS Logs
Snowflake Integration
SAML/SSO Integration
Role-Based Access Control
Custom Log Types
Powered by GitBook

SQS source

The steps below will setup an SQS queue and will give you permissions to send data to that queue. Panther will pull events from that queue and will allow you to write rules and run queries on the processed data.

Step 1: Choose SQS source

From Log Analysis, click Sources > Add Source > Amazon SQS

Step 2: Enter the source details

Field

Required?

Description

Name

Yes

Friendly name of the source

Log Types

Yes

The list of Log Types that you are going to send to this SQS queue

Allowed Principal ARNs

No

The ARNs of the AWS principals that will be allowed to publish messages to the SQS queue e.g. arn:aws:iam::012345678912:root or arn:aws:iam::012345678912:role/Test-*

Allowed Source ARNs

No

The ARNs of the AWS resources (S3 buckets, SNS topics, etc) that can publish messages to that SQS queue e.g. arn:aws:sns:us-east-1:012345678912:my-topic or arn:aws:s3:::my-bucket*

Note that if none of Allowed Principal ARNs and Allowed Source ARNs properties are set, only Principals of the AWS account where Panther is deployed will be able to publish messages to the queue. Click Continue Setup.

Step 2: Create the SQS queue

Click Save Source. Panther will create an SQS queue and will allow the ARNs specified above to publish messages to it. The SQS queue URL will be display in the next page

You are all done! You can now start sending messages to the SQS queue.

Previous
S3 source
Next
SNS source
Last updated 2 months ago
Edit on GitHub
Contents
Step 1: Choose SQS source
Step 2: Enter the source details
Step 2: Create the SQS queue