AWS Config
Version: AWS LogForwarder v1.0.10 or later.
AWS Config is a service provided by Amazon that enables administrators to assess, audit, evaluate, and analyze the compliance levels and security of your AWS resources. It constantly monitors and records the changes in configurations and relationships between AWS resources, dives into detailed resource configuration histories, and determines your overall compliance with the format specified in your internal guidelines.
Netsurion Open XDR facilitates monitoring events from AWS Config by parsing the AWS CloudTrail logs and triggering events from Amazon EventBridge. The dashboard, categories, and reports in Netsurion Open XDR allow you to monitor overall actions performed related to the AWS Config service to keep you informed about its activities. It even triggers alerts when it performs critical and service-related activities.
For a new instance, integrate the AWS instance to Netsurion Open XDR using the Netsurion integrator lambda function, which will in turn deliver logs to Netsurion from AWS. For an already-integrated AWS instance, make sure to update to AWS LogForwarder v1.0.1 or later.
The following are the key Data Source Integration available in Netsurion Open XDR.
Alerts
| Type | Name | Description |
|---|---|---|
| Security | AWS Config – Configuration and rule changed | This alert is triggered when a modification is detected in the configuration of the config rule settings. |
Reports
| Type | Name | Description |
|---|---|---|
| Security | AWS Config – Activity overview | This report contains information related to all the activities in AWS Config Service. |
Documentation
The configuration details are consistent with Netsurion Open XDR 9.3 or later, and AWS LogForwarder v1.0.10 or later.
Download Integration Guide and How-to Guide for configuration instructions and more information.