1 Resposta
- Mais recentes
- Mais votos
- Mais comentários
1
Reviewing the documentation here - https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings_cloudwatch.html - it seems that findings should be getting published to your SNS topic and on to Slack at or near the 5 minute mark, but subsequent occurrences of particular findings are aggregated and sent by default at 6 hours so this still doesn't match what you are seeing. If you've not changed the default for this behaviour or these are not subsequent alarms that are aggregating I suggest you get in touch with support to investigate your specific configuration.
respondido há 5 meses
Thank you. This document explains everything.
Conteúdo relevante
- AWS OFICIALAtualizada há 2 meses
- AWS OFICIALAtualizada há 2 anos
Are there any FailedInvocations in CloudWatch? For a delay that long I'd expect some failures and retries.
I am checking it regularly for failed invocations, but there is none. It's also subscribed to a dead letter SQS queue, no messages there too.