AWS Systems Manager

Version: AWS LogForwarder v1.0.10 or later.

AWS Systems Manager gives the visibility and control of the infrastructure on AWS. Systems Manager provides a unified user interface so you can view the operational data from multiple AWS services and allows you to automate operational tasks across your AWS resources. Systems Manager helps you maintain security and compliance by scanning your managed nodes and reporting on any policy violations it detects.

Netsurion Open XDR monitors events from AWS Systems Manager by parsing the AWS CloudTrail logs and triggers from Amazon EventBridge. Dashboards and reports in Netsurion Open XDR, will track the overall actions performed that are related to the AWS Systems Manager service to keep you informed about its activities. It will trigger alerts whenever an action that is critical to the service is carried out.

For a new instance, integrate the AWS instance to Netsurion Open XDR using the Netsurion integrator lambda function, which will in turn deliver logs to Netsurion Open XDR from AWS. For an already-integrated AWS instance, make sure to update to AWS LogForwarder v1.0.1 or later.

The following are the key Data Source Integration available in Netsurion Open XDR.

Reports

Type Name Description
Security AWS Systems Manager – Activity Overview This report contains information related to any changes in the automation of the Systems Manager activities in the AWS System Manager service.

Documentation

The configuration details are consistent with Netsurion Open XDR 9.3 or later, and AWS LogForwarder v1.0.10 or later.

Download Integration Guide and How-to Guide for configuration instructions and more information.