Monitor Fastly logs to gain complete visibility into your network traffic with Panther’s Fastly integration.
Fastly access logs contain information for each request made by a client, handled by the Fastly CDN. This includes the files that are accessed, how your service responded to a request, what browser a client is using, the IP address of clients, and more. Panther can collect, normalize, and monitor Fastly logs to help you identify suspicious activity in real-time. Your normalized data is then retained to power future security investigations in a serverless data lake powered by AWS or the cloud-native data platform, Snowflake.
Use Cases
Common security use cases for Fastly with Panther include:
- Track user behavior and easily identify patterns of suspicious activity
- Monitor for bot traffic and spot anomalies in user patterns
- Monitor for activity that might indicate a DDoS attack
How it Works
The integration is simple and fast:
- Send your Fastly Logs to a S3 bucket with their native integration
- Add your S3 Bucket as a data source in Panther
- Panther parses, normalizes, and analyzes your log data in real-time
- As rules are triggered, alerts are sent to your configured destinations
- Normalized logs can be searched from Panther’s Data Explorer
- Sit back and monitor your activity!
Learn more about Panther's supported log schema for Fastly.
