Prometheus exporter for AWS GuardDuty

Features

  • Exports the number of current (unarchived) findings from AWS GuardDuty, split by region and severity
  • Supports multiple AWS regions

Exported metrics

The exporter exports the following metrics:

| Metric name | Type | Labels | Description |
|---|---|---|---|
| aws_guardduty_exporter_up | gauge | None | Always 1: can be used to check if it's running |
| aws_guardduty_current_findings | gauge | region, severity | The current number of unarchived findings |
| aws_guardduty_scrape_errors_total | counter | region, severity | The total number of scrape errors |

How to run it

You have two options to run it:

  1. Manually install and run the prometheus-aws-guardduty-exporter Python package

    pip3 install prometheus-aws-guardduty-exporter
    
    prometheus-aws-guardduty-exporter --region us-east-1
    
  2. Use the Docker image available on Docker Hub

    docker run --env AWS_ACCESS_KEY_ID="id" --env AWS_SECRET_ACCESS_KEY="secret" spreaker/prometheus-aws-guardduty-exporter --region us-east-1
    

The CLI supports the following arguments:

| Argument | Required | Description |
|---|---|---|
| --region REGION [REGION ...] | yes | AWS GuardDuty region (can specify multiple space-separated regions) |
| --role-arn | | The ARN of an AWS role to assume |
| --exporter-host | | The host on which the Prometheus exporter should listen. Defaults to 127.0.0.1 |
| --exporter-port | | The port on which the Prometheus exporter should listen. Defaults to 9100 |
| --log-level LOG_LEVEL | | Minimum log level. Accepted values are: DEBUG, INFO, WARNING, ERROR, CRITICAL. Defaults to INFO |

Required IAM privileges

In order to successfully run, this application requires the following IAM privileges:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid":    "ListDetectorsAndGetFindingsStatisticsInAnyRegion",
      "Effect": "Allow",
      "Action": [
        "guardduty:ListDetectors",
        "guardduty:GetFindingsStatistics"
      ],
      "Resource": "*"
    }
  ]
}
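
The following is an added example, not the exporter's own code: it shows the two GuardDuty calls the policy above authorizes and how per-region, per-severity counts and scrape errors can be derived from them. `FakeGuardDuty`, the severity band names and the sample counts are assumptions constructed here so the block runs offline.

```python
from collections import Counter

# Only unarchived findings, matching the "current findings" the page describes.
UNARCHIVED = {"Criterion": {"service.archived": {"Equals": ["false"]}}}

def severity_label(value):
    """Band a numeric severity; label names are assumptions for this example."""
    v = float(value)
    return "high" if v >= 7.0 else "medium" if v >= 4.0 else "low"

def current_findings(client):
    """Sum unarchived findings per severity band across one region's detectors."""
    totals = Counter()
    for detector_id in client.list_detectors()["DetectorIds"]:  # guardduty:ListDetectors
        stats = client.get_findings_statistics(  # guardduty:GetFindingsStatistics
            DetectorId=detector_id,
            FindingStatisticTypes=["COUNT_BY_SEVERITY"],
            FindingCriteria=UNARCHIVED,
        )
        for sev, count in stats["FindingStatistics"]["CountBySeverity"].items():
            totals[severity_label(sev)] += count
    return totals

def scrape(clients):
    """clients maps region -> GuardDuty client; a failing region is counted, not fatal."""
    findings, errors = {}, Counter()
    for region, client in clients.items():
        try:
            findings[region] = current_findings(client)
        except Exception:
            errors[region] += 1
    return findings, errors

class FakeGuardDuty:
    """Constructed stand-in for boto3.client("guardduty", region_name=...)."""
    def __init__(self, by_detector, denied=False):
        self.by_detector, self.denied = by_detector, denied
    def list_detectors(self):
        if self.denied:
            raise PermissionError("AccessDenied (constructed)")
        return {"DetectorIds": list(self.by_detector)}
    def get_findings_statistics(self, DetectorId, FindingStatisticTypes, FindingCriteria):
        return {"FindingStatistics": {"CountBySeverity": self.by_detector[DetectorId]}}

def demo():
    clients = {
        "us-east-1": FakeGuardDuty({"det-a": {"2.0": 3, "5.0": 1, "8.0": 2}}),
        "eu-west-1": FakeGuardDuty({}, denied=True),  # e.g. role lacks ListDetectors
    }
    return scrape(clients)
```

A region whose role lacks either permission surfaces as an error count rather than as zero findings, which is why the scrape-error counter is worth alerting on alongside the findings gauge.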

Development

Run the development environment:

docker-compose build dev && docker-compose run --rm dev

Run tests in the dev environment:

python3 -m unittest

License

This software is released under the MIT license.

File details

Details for the file prometheus_aws_guardduty_exporter-3.0.0.tar.gz.

Hashes for prometheus_aws_guardduty_exporter-3.0.0.tar.gz

| Algorithm | Hash digest |
|---|---|
| SHA256 | a4c17e534e067e78330ff497078b5f8c1ae44780171bfd8346b05be6dea92d53 |
| MD5 | b046bddb64540cc4950069bde69cdd51 |
| BLAKE2b-256 | 40eb4e6eb306f64b5f598488bde3f6f49614675235083c635c5f95d294868f56 |
