1回答
- 新しい順
- 投票が多い順
- コメントが多い順
1
Reviewing the documentation here - https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings_cloudwatch.html - it seems that findings should be getting published to your SNS topic and on to Slack at or near the 5 minute mark, but subsequent occurrences of particular findings are aggregated and sent by default at 6 hours so this still doesn't match what you are seeing. If you've not changed the default for this behaviour or these are not subsequent alarms that are aggregating I suggest you get in touch with support to investigate your specific configuration.
回答済み 5ヶ月前
Thank you. This document explains everything.
関連するコンテンツ
- AWS公式更新しました 10ヶ月前
Are there any FailedInvocations in CloudWatch? For a delay that long I'd expect some failures and retries.
I am checking it regularly for failed invocations, but there is none. It's also subscribed to a dead letter SQS queue, no messages there too.