Tailscale administrators can now use Amazon S3 and S3-compatible buckets as streaming destinations for both configuration audit logs and network flow logs. Tailscale’s log streaming offerings have long been an important part of our users’ compliance and security strategies, and over the past year we’ve added support for many of the most popular security information and event management (SIEM) systems as streaming endpoints.
But we’ve also heard from some customers that would like to archive these logs for audit purposes and do not want to incur the costs that come with a full-fledged SIEM solution. Streaming these kinds of logs to S3-compatible buckets solves the auditability problem while keeping the costs of storage low.
We support streaming to native S3 buckets using IAM roles and S3-compatible buckets (e.g., MinIO and B2) using access keys and secrets. You can set up an S3 streaming destination via the admin console. Please see our log streaming docs for setup instructions.
S3 logging is currently in beta. Configuration audit log streaming is available on Tailscale’s Personal, Personal Plus, and Enterprise plans. Network log streaming is available on the Enterprise plan.
Pouyan Aminian
Parker Higgins
