AWS Saml Access By Provider User And Principal
This search provides specific SAML access from specific Service Provider, user and targeted principal at AWS. This search provides specific information to detect abnormal access or potential credential hijack or forgery, specially in federated environments using SAML protocol inside the perimeter or cloud provider.
AWS Saml Access By Provider User And Principal Help
You must install splunk AWS add on and Splunk App for AWS. This search works with cloudtrail logs
Open in Search