SFTP To Go
Amazon EventBridge
SFTP To Go
SFTP To Go is a fully managed secure, scalable, and reliable cloud file storage service supporting SFTP, FTPS, S3, and HTTPS protocols. It allows sharing and integration with third parties using popular and secure protocols, and automates data management and processing using APIs and webhooks.
- Secure data transfer and transparent encryption at rest
- Reliable offsite backup
- Compatibility and ease of use
Amazon EventBridge
Amazon EventBridge is a serverless event bus service used to ingest, filter, transform, and route events across AWS services, custom applications, and third-party systems. By connecting SFTP To Go with Amazon EventBridge, you can stream SFTP To Go audit log events to an event bus in your AWS account and route security activity to logging, alerting, enrichment, storage, or SIEM workflows.
- Stream SFTP To Go audit log events to an Amazon EventBridge event bus
- Filter security activity by event source, detail type, and audit event fields
- Route file access, login, download, upload, delete, and access-denied events to AWS or SIEM targets
How does it work?
- In AWS, create or select the Amazon EventBridge event bus that should receive SFTP To Go audit log events. You can use the default event bus or create a dedicated custom event bus for SFTP To Go security activity.
- Decide where EventBridge should route the events after they arrive. Depending on your security monitoring setup, matching events can be sent to AWS services such as CloudWatch, Lambda, Kinesis Data Firehose, S3, SQS, or another supported EventBridge target used by your SIEM or observability pipeline.
- In SFTP To Go, add Amazon EventBridge as a streaming audit log destination by following the SFTP To Go documentation for Amazon EventBridge destinations. The SFTP To Go guide covers the required destination settings, generated resource policy, event bus permissions, delivery health, and validation behavior.
- After the destination is saved in SFTP To Go, return to Amazon EventBridge and create a rule that matches SFTP To Go audit log events. The key event values are
sourceset tosftptogoanddetail-typeset toAudit Log. - Narrow the rule if you only want to route specific security events. For example, create a separate rule for failed logins, access-denied events, downloads, uploads, deletes, or other audit event types that need a dedicated alerting or investigation workflow.
- Select the EventBridge target for the rule. For security monitoring workflows, common targets include CloudWatch Logs for inspection, Lambda for enrichment, Kinesis Data Firehose for delivery to storage or analytics, SQS for buffering, or another supported target used by your security pipeline.
- If the target expects a different payload structure, use EventBridge input transformation or a Lambda function to reshape the SFTP To Go audit event before delivery.
- Generate a test event by performing an auditable action in SFTP To Go, such as a login, failed login, upload, download, delete, or access-denied attempt.
- Confirm that the event appears on the EventBridge bus and reaches the configured target. Use the EventBridge rule monitoring tools, target logs, or downstream SIEM pipeline to confirm successful delivery.
- Monitor the destination in SFTP To Go and the rule target in AWS. If EventBridge delivery fails because the event bus policy or receiving configuration is incorrect, fix the AWS-side configuration and confirm that new events flow successfully.
- As your security monitoring setup changes, update the EventBridge rules, targets, input transformations, or downstream SIEM pipeline without changing the underlying SFTP To Go file transfer environment.
Ready to get started?
Be up and running with your secure cloud storage in seconds
Get started with a free trial