1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
1
Hi and welcome to the community!
You can search for the updateDetector event name to find who updated the Guard Duty configuration.
In particular you should search to see if scanEc2InstanceWithFindings
is set to true.
"requestParameters": {
"detectorId": "56bf249c0b2004c6e5f32f00b3cfda80",
"enable": true,
"findingPublishingFrequency": "SIX_HOURS",
"dataSources": {
"malwareProtection": {
"scanEc2InstanceWithFindings": {
"ebsVolumes": true
}
}
}
},
répondu il y a un an
Contenus pertinents
- demandé il y a un an
- demandé il y a 6 mois
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a 2 ans
Thanks. I followed your guidance and it isn't showing me any events. I know we have logging enabled as a user search shows events. Does logging need to be enabled separately for the config changes?