Amazon Inspector (target and template) is a security vulnerability assessment service that helps improve the security and compliance of AWS resources.
Amazon Inspector automatically assesses resources for vulnerabilities or deviations from best practices, and produces a detailed list of security findings prioritized by level of severity. Amazon Inspector includes a knowledge base of hundreds of rules mapped to common security standards and vulnerability definitions. The knowledge base is regularly updated by AWS security researchers.
External reference
Setup
To set up the AWS integration and discover the AWS service, go to AWS Integration Discovery Profile and select Inspector Template or Inspector Target.
Event support
CloudTrail event support
- Supported (Inspector Template and Inspector Target)
- Configurable in OpsRamp AWS Integration Discovery Profile.
CloudWatch alarm support
- Supported (Inspector Template and Inspector Target)
- Configurable in OpsRamp AWS Integration Discovery Profile.
Supported metrics
| OpsRamp Metric | Metric Display Name | Unit | Aggregation Type |
|---|---|---|---|
| aws_inspector_totalmatchingagents Number of agents that match this target. | TotalMatchingAgents | Count | Sum |
| aws_inspector_totalhealthyagents Number of agents that match this template that are healthy. | TotalHealthyAgents | Count | Sum |
| aws_inspector_totalassessmentruns Number of assessment runs for this template. | TotalAssessmentRuns | Count | Sum |
| aws_inspector_totalfindings Number of findings for this target. | TotalFindings | Count | Sum |