Version: AWS Log Forwarder v1.0.10 and above.
Amazon DynamoDB is a fully managed NoSQL database service that provides fast and predictable performance with scalability. It also offers encryption at rest, which eliminates the operational burden and complexity involved in protecting sensitive data along with options to delete expired items from tables automatically, to help reduce storage usage and the cost of storing data that is no longer relevant.
Netsurion Open XDR monitors events from Amazon DynamoDB by parsing the AWS CloudTrail logs. Dashboards and reports in Netsurion Open XDR allow you to monitor overall actions triggered related to DynamoDB and its DynamoDB Accelerator (DAX) service to keep you informed about its activities. It will trigger alerts whenever an action critical to the application is carried out.
For a new instance, integrate the AWS instance to Netsurion Open XDR using the Netsurion integrator Lambda function, which will in turn deliver logs to Netsurion Open XDR from AWS.
For an already-integrated AWS instance, make sure to update to AWS Log Forwarder to v1.0.10 or above.
The following are the key Data Source Integration available in Netsurion Open XDR.
|Security||Amazon DynamoDB – Table deletion attempt||This alert is triggered when an attempt is made to delete a DynamoDB table in AWS.|
|Security||Amazon DynamoDB – Backup deletion attempt||This alert is triggered when an attempt is made to delete a manual on-demand backup.|
|Security||Amazon DynamoDB – DAX cluster deletion attempt||This alert is triggered when an attempt is made to delete a DAX cluster.|
|Security||Amazon DynamoDB – Parameter group deletion attempt||This alert is triggered when an attempt is made to delete a parameter group of a DAX cluster in DynamoDB.|
|Security||Amazon DynamoDB – DAX subnet deletion attempt||This alert is triggered when an attempt to delete a subnet in a DAX cluster in DynamoDB.|
|Security||Amazon DynamoDB – Database activity||This report will give a detailed overview of all activity related to the DynamoDB service.|
|Security||Amazon DynamoDB – DAX cluster activity||This report will give the details of all activity related specifically to the DAX cluster in DynamoDB.|
The configuration details are consistent with Netsurion Open XDR 9.3 and later, and ETS-AWS-LogForwarder v1.0.10 and above.