performing-cloud-log-forensics-with-athena
Community: Query cloud logs for fast forensic insights.
Author: YukiIto1999
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
Investigators and security teams can perform cloud forensics by querying AWS log data from multiple sources with Amazon Athena, giving them rapid, centralized analysis of events and indicators without first moving the logs out of S3.
Core Features & Use Cases
- Centralized forensics across CloudTrail, VPC Flow Logs, S3 server access logs, and ALB access logs, using partitioned Athena tables and reusable SQL queries.
- Prebuilt forensic queries and workflow steps for building evidence-grade timelines and detecting unauthorized access, data exfiltration, lateral movement, and web-layer threats.
- Flexible deployment: the agent automates table creation, data discovery, and query execution in a repeatable incident-response workflow.
Quick Start
Run the forensic agent to initialize the Athena analytics environment (database and partitioned tables over your log buckets) and start a full investigation against your AWS logs.
Dependency Matrix
Required Modules
- boto3
- botocore
Components
- scripts
- references
Claude Code Installation
Recommended: let Claude install automatically. Copy and paste the text below into Claude Code.
Please help me install this Skill: Name: performing-cloud-log-forensics-with-athena Download link: https://github.com/YukiIto1999/ctf-sleuth/archive/main.zip#performing-cloud-log-forensics-with-athena Please download this .zip file, extract it, and install it in the .claude/skills/ directory.