Hello,
I have been tasked with ingesting Umbrella logs into our new SOC monitoring.
During this onboarding process I was able to allow the SOC access to my S3 bucket for umbrella logs but noticed that only DNS logs are current.
I have old IP & Proxy logs in my bucket, but those haven't been reported to my S3 bucket since 2019.
Maybe these logs aren't used by umbrella any longer?
I'm not sure why they stopped or how to re-enable IP & proxy logging to my S3 bucket.
Can anyone shed any light on this as a starting point to investigate please?
Thanks,