2 Answers
- Newest
- Most votes
- Most comments
0
Try the following documentation:
answered 2 years ago
0
Hey Vijay, All the logging is done on the backend as GuardDuty gets them directly from the relevant services. You do not need to enable any resource logging. GuardDuty analyses CloudTrail management event logs, CloudTrail S3 data event logs, VPC Flow Logs, DNS query logs, and Amazon EKS audit logs without you enabling any resource logs. Please refer to the following for more information: 1/ workshop session showing how to setup GuardDuty in a Control tower environment. https://controltower.aws-management.tools/security/guardduty/ 2/ troubleshooting section as well https://docs.aws.amazon.com/guardduty/latest/ug/troubleshooting.html Do not hesitate to contact AWS Support for further assistance if needed.
Relevant content
- asked a year ago
- Accepted Answerasked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated 3 months ago
I have aldready enabled Guard duty in an audit account and made that a delegated account. Now i dont see the logs or insights for that account in my audit account. Need to know what type of resource logs should be enabled to get the logs of all accounts.