Questions tagged with Amazon GuardDuty
I want to integrate my AWS GuardDuty alerts with CloudWatch so that I get such alerts on my PagerDuty if there are any threats… Is there any way to do so?
2 answers | 0 votes | 304 views | asked a year ago
Hi,
I just noticed that Amazon GuardDuty EKS Runtime Monitoring has status "Requires activation". I have EKS runtime enabled as per this screen:
2 answers | 0 votes | 513 views | asked a year ago
I am using AWS GuardDuty and EKS. Recently I got a couple of alerts from AWS GuardDuty for DefenseEvasion:EC2/UnusualDNSResolver mentioning one of the EKS nodes is connecting to 1.1.1.1. When I check...
1 answer | 0 votes | 554 views | asked a year ago
I'm using our Management account to do this. The main GuardDuty service is enabled on a vast majority of our Organization accounts already. I do not need to enable GuardDuty itself, just turn on the...
1 answer | 0 votes | 352 views | asked a year ago
I'm working on analyzing CloudTrail events as they come in and when I was setting up a filter (ignore events that are readOnly) I was surprised to see the above events coming through. Is that...
1 answer | 0 votes | 426 views | asked a year ago
Purpose of GuardDuty
Hi Team,
I'm aware GuardDuty is used for threat detection based on the API calls.
I'm stuck where not all logs are appearing in GuardDuty.
I have a Control Tower setup with organization enabled...
2 answers | 0 votes | 269 views | asked a year ago
Hello Team,
I want to import our internal third-party intelligence feeds into GuardDuty. Is there any manual way or automated way to do so? Please let me know if any unconventional solutions are...
1 answer | 0 votes | 282 views | asked a year ago
I have a task where I'm required to make sure all my GuardDuty logs from multiple accounts are logged to one account using a centralized logging solution.
At the moment, I'm trying to find a way...
3 answers | 0 votes | 900 views | asked a year ago
Hello,
I am trying to export GuardDuty logs to S3 and I am getting errors with the policy. I am receiving the message above **'findings export options' to an S3 bucket**.
I am following the...
1 answer | 0 votes | 485 views | asked a year ago
I am using AWS GuardDuty integration to Slack.
Integration works like this: CloudWatch Event --> SNS --> Lambda --> Slack.
Last week I got an alert for one finding and I did take action on that. But...
1 answer | 0 votes | 412 views | asked a year ago
Hi, all,
New to the community so will do my best to follow the dos and don'ts but a bit of an AWS novice so bear with me.
It was noticed that the new "Malware Protection" trial had started in our AWS...
1 answer | 0 votes | 313 views | asked a year ago
Hi,
AWS GuardDuty is reporting: "ec2 instance is communicating with a remote host on an unusual server port 43582" from an EC2 instance that does not exist. We have an autoscaling group that terminates...
2 answers | 0 votes | 1167 views | asked 2 years ago