Automation AWS-GuardDuty findings

Get an SNS alert for High Severity GuardDuty findings

Problem: Getting notified when there is Red finding in AWS GuardDuty.

Functionality: Solution is to trigger the CloudWatch event and send SNS to user when there is any findings with severity of greater than 7 in Guardduty.

Architecture diagram

How to Run the Script : Create a Lambda function called "GuardDutyAlert" the run-time version Python 3.6 or above by using the attach code. Creation of the Lambda function will in turn create CloudWatch Logs groups for its logging. Lamda can be call every 5 mins or as per your business requirement.

Prerequisite: GuardDuty must be enabled on your account

Name		Name	Last commit message	Last commit date
Latest commit History 14 Commits
GuardDuty.py		GuardDuty.py
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GuardDuty.py

GuardDuty.py

README.md

README.md

Repository files navigation

Automation AWS-GuardDuty findings

About

Releases

Packages

Languages

gitenmitra/AWS-GuardDuty

Folders and files

Latest commit

History

GuardDuty.py

GuardDuty.py

README.md

README.md

Repository files navigation

Automation AWS-GuardDuty findings

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages