2 Answers
- Newest
- Most votes
- Most comments
0
Hi there,
In the current release, SecurityHub is looking for an exact pattern match for the metric filter based on the CIS guidelines. The additional parentheses in the filter pattern may be causing the pattern match to fail. Can you try changing the metric filter pattern to { $.userIdentity.type = "Root" && $.userIdentity.invokedBy NOT EXISTS && $.eventType != "AwsServiceEvent" } ?
- Aparna
answered 5 years ago
Relevant content
- Accepted Answerasked 23 days ago
- Accepted Answerasked 9 months ago
- asked 3 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 months ago