Skip to content

AWS GuardDuty #2751

Closed
#4915
Closed
AWS GuardDuty#2751
#4915
Assignees
vinit-chauhan
Labels
8.7 candidate8.8 candidateEpicIntegration:awsAWSNew IntegrationIssue or pull request for creating a new integration package.
@jamiehynds

Description

@jamiehynds
jamiehynds
opened on Mar 1, 2022

Description

Amazon GuardDuty is a threat detection service that continuously monitors your AWS accounts and workloads for malicious activity and delivers detailed security findings for visibility and remediation.

Architecture

GuardDuty supports export of active findings to CloudWatch events, and optionally to an S3 bucket. More information on export options available here.

Integration release checklist

This checklist is intended for integrations maintainers to ensure consistency
when creating or updating a Package, Module or Dataset for an Integration.

All changes

  • Change follows the contributing guidelines
  • Supported versions of the monitoring target are documented
  • Supported operating systems are documented (if applicable)
  • Integration or System tests exist
  • Documentation exists
  • Fields follow ECS and naming conventions
  • At least a manual test with ES / Kibana / Agent has been performed.
  • Required Kibana version set to:

New Package

  • Screenshot of the "Add Integration" page on Fleet added

Dashboards changes

  • Dashboards exists
  • Screenshots added or updated
  • Datastream filters added to visualizations

Log dataset changes

  • Pipeline tests exist (if applicable)
  • Generated output for at least 1 log file exists
  • Sample event (sample_event.json) exists

Metadata

Metadata

Assignees

Labels

8.7 candidate8.8 candidateEpicIntegration:awsAWSNew IntegrationIssue or pull request for creating a new integration package.

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions