Version: AWS Log Forwarder v1.0.10 and above.
Amazon Relational Database Service (RDS) is a managed SQL database service provided by Amazon Web Services (AWS). Amazon RDS supports an array of database engines to store and organize data. It also helps with the relational database management tasks, such as data migration, backup, recovery and patching.
Netsurion Open XDR monitors events from Amazon RDS by parsing the AWS CloudTrail logs and triggers from Amazon EventBridge. Dashboards and reports in Netsurion Open XDR allow you to monitor overall actions performed that are related to the Amazon RDS service to keep you informed about its activities. It will trigger alerts whenever an action that is critical to the service is carried out.
For a new instance, integrate the AWS instance to Netsurion Open XDR using the Netsurion integrator AWS Lambda function, which will in turn deliver logs to Netsurion Open XDR from Amazon Web Services. For an already-integrated AWS instance, make sure to update to AWS Log Forwarder to v1.0.10 or above.
The following are the key Data Source Integration available in Netsurion Open XDR.
|Security||Amazon RDS – Backup deletion attempt||This alert is triggered when the deleted database backup is detected in Amazon Relational Database Service (RDS) service.|
|Security||Amazon RDS – Database deletion attempt||This alert is triggered when an attempt is made to delete or remove a database from the Amazon Relational Database Service (RDS) console.|
|Security||Amazon RDS – Backup export attempted||This alert is triggered when an attempt is made to export data or copy data to simple storage service(s3) from the RDS console.|
|Security||Amazon RDS – Activity overview||This report contains information related to all the activities in Amazon Relational Database Service (RDS).|
The configuration details are consistent with Netsurion Open XDR 9.3 and later, and ETS AWS LogForwarder v1.0.10 and above.