Introduction
Amazon Inspector (target and template) is a security vulnerability assessment service that helps improve the security and compliance of AWS resources.
Amazon Inspector automatically assesses resources for vulnerabilities or deusingtions from best practices, and then produces a detailed list of security findings prioritized by level of severity. Amazon Inspector includes a knowledge base of hundreds of rules mapped to common security standards and vulnerability definitions. The knowledge base is regularly updated by AWS security researchers.
Setup
To set up the OpsRamp AWS integration and discover the AWS service,
go to AWS Integration Discovery Profile and select Inspector Template or Inspector Target.
Metrics
| OpsRamp Metric | Metric Display Name | Unit | Aggregation Type | Description |
|---|---|---|---|---|
| aws_inspector_totalmatchingagents | TotalMatchingAgents | Count | Average | Number of agents that match this target. |
| aws_inspector_totalhealthyagents | TotalHealthyAgents | Count | Average | Number of agents that match this template that are healthy. |
| aws_inspector_totalassessmentruns | TotalAssessmentRuns | Count | Average | Number of assessment runs for this template. |
| aws_inspector_totalfindings | TotalFindings | Count | Average | Number of findings for this target. |
Event support
CloudTrail event support
- Supported (Inspector Template and Inspector Target)
- Configurable in OpsRamp AWS Integration Discovery Profile.
CloudWatch alarm support
- Supported (Inspector Template and Inspector Target)
- Configurable in OpsRamp AWS Integration Discovery Profile.