Amazon CloudWatch

Version: AWS Log Forwarder v1.0.10 and above

Amazon CloudWatch is a component of the Amazon Web Services that monitor the AWS resources and the customer applications running on the Amazon infrastructure. CloudWatch enables real-time monitoring of the AWS resources such as Amazon Elastic Compute Cloud EC2 instances, Amazon Elastic Block Store (EBS) volumes, Elastic Load Balancing, and Amazon Relational Database Service instances. The application automatically collects and provides metrics for the CPU utilization, latency, and request count. Users can also stipulate additional metrics to be monitored, such as memory usage, transaction volumes, or error rates.

Netsurion Open XDR monitors events from Amazon CloudWatch by parsing the AWS CloudTrail logs and triggers from Amazon EventBridge. Dashboards and reports in Netsurion Open XDR will track the overall actions performed related to the Amazon CloudWatch service to keep you informed about its activities. It will trigger alerts whenever an action that is critical to the service is carried out.

The following are the key Data Source Integration available in Netsurion Open XDR.


Type Name Description
Security Amazon CloudWatch – Create export task This alert is triggered when a new export file has been created and sent to the database or S3 storage in the CloudWatch service.
Security Amazon CloudWatch – Delete and disable alarms This alert is triggered when an attempt is made to delete the specified alarms and disables the actions for the specified alarms.
Security Amazon CloudWatch – Create and delete log groups his alert is triggered when an attempt is made to delete or remove the log group and create a new log group in CloudWatch.
Security Amazon CloudWatch – Delete filters This alert is triggered when the matric filter and subscription filter have been deleted by the user from the log group in the CloudWatch service.


Type Name Description
Security Amazon CloudWatch – Activity overview This report will contain relevant information related to any changes in the CloudWatch activities in the Amazon CloudWatch service.


The configuration details are consistent with Netsurion Open XDR 9.3 and later, and ETS-AWS-LogForwarder v1.0.10 and above.

Download Integration Guide and How-To Guide for configuration instructions and more information.