Amazon Kinesis
Version: AWS Log Forwarder v1.0.10 and above
Amazon Kinesis Data Analytics is a managed service used to process and analyze streaming data using Java, SQL, or Scala. The service quickly authors and runs the Java, SQL, or Scala code against streaming sources to perform the time series analytics, feed real-time dashboards, and create real-time metrics.
Netsurion Open XDR monitors events from Amazon Kinesis by parsing the AWS CloudTrail logs for Kinesis. Dashboards and reports in Netsurion Open XDR allow you to monitor overall actions triggered related to Kinesis so that you are informed about its activities. It will trigger alerts whenever an action that is critical to the application is carried out, like stopping operation or deletion of app configuration or the application itself.
For a new instance, integrate the AWS instance to Netsurion Open XDR using the Netsurion integrator AWS Lambda function, which will in turn deliver logs to Netsurion Open XDR from Amazon Web Services. For an already-integrated AWS instance, make sure to update to AWS Log Forwarder to v1.0.10 or above.
The following are the key Data Source Integration available in Netsurion Open XDR.
Alerts
| Type | Name | Description |
|---|---|---|
| Security | Amazon Kinesis – Application deleted | This alert is triggered when a Kinesis Analytics application is deleted. |
| Security | Amazon Kinesis – Stream retention period decreased | This alert is triggered when the retention period of data records is decreased for a Kinesis data stream. |
| Security | Amazon Kinesis – Data stream deleted | This alert is triggered when a data stream is deleted in Kinesis. |
| Security | Amazon Kinesis – Delivery stream deleted | This alert is triggered when a delivery stream is deleted in Kinesis. |
| Security | Amazon Kinesis – Data stream encryption disabled | This alert is triggered when the server-side encryption is disabled for a Kinesis stream. |
| Operations | Amazon Kinesis – Data preprocessor deleted | This alert is triggered when a data pre-processing function is removed from the configuration settings of a Kinesis analytics application. |
| Operations | Amazon Kinesis – SQL I/O configuration deletion | This alert is triggered when an output stream or a reference output data source is deleted. |
| Operations | Amazon Kinesis – Application stopped | This alert is triggered when a Kinesis Analytics application is stopped. |
| Operations | Amazon Kinesis – Stream enhanced metrics disabled | This alert is triggered when the enhanced monitoring for a Kinesis stream is disabled. |
| Operations | Amazon Kinesis – Stream shard count updated | This alert is triggered when the shard count for a particular Kinesis data stream is updated. |
Reports
| Type | Name | Description |
|---|---|---|
| Operations | Amazon Kinesis – Analytic application modifications | This report gives the details of all actions carried out in relation to the Kinesis analytics service. It gives information about the action name, the time it was initiated, and by whom, among some other details related to the application and the user. |
| Operations | Amazon Kinesis – Data stream activities | This report gives the details of all actions related to data streams in Kinesis, which includes information like stream name, the action initiated against it, the timestamp for the action, and the user information for the same. |
Documentation
The configuration details are consistent with Netsurion Open XDR 9.3 and later, and ETS AWS LogForwarder v1.0.10 and above.
Download Integration Guide and How-to Guide for configuration instructions and more information.