The Cisco Cloud Security Add-on for Splunk can be used to bring Secure Access and/or Umbrella logs into Splunk from AWS S3 (from either your own bucket or from a Cisco Managed bucket).

Build 1.0.35 introduces the following changes:

1. The Intrusion Log Model has been changed to the IDS data model.
2. Field extraction fixes for the Intrusion Log Model.
3. Bug fixes

Docs can be found in our API documentation.