Prometheus exporter for AWS GuardDuty

Features

  • Exports the number of current (unarchived) findings from AWS GuardDuty, split by region and severity
  • Supports multiple AWS regions

Exported metrics

The exporter exports the following metrics:

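| Metric name                       | Type    | Labels           | Description                                    |
|-----------------------------------|---------|------------------|------------------------------------------------|
| aws_guardduty_exporter_up         | gauge   | None             | Always 1: can be used to check if it's running |
| aws_guardduty_current_findings    | gauge   | region, severity | The current number of unarchived findings      |
| aws_guardduty_scrape_errors_total | counter | region, severity | The total number of scrape errors              |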

How to run it

You have two options to run it:

  1. Manually install and run the prometheus-aws-guardduty-exporter Python package

    pip3 install prometheus-aws-guardduty-exporter
    
    prometheus-aws-guardduty-exporter --region us-east-1
    
  2. Use the Docker image available on Docker Hub

    docker run --env AWS_ACCESS_KEY_ID="id" --env AWS_SECRET_ACCESS_KEY="secret" spreaker/prometheus-aws-guardduty-exporter --region us-east-1
    

The CLI supports the following arguments:

| Argument                     | Required | Description                                                                                      |
|------------------------------|----------|--------------------------------------------------------------------------------------------------|
| --region REGION [REGION ...] | yes      | AWS GuardDuty region (multiple space-separated regions can be specified)                         |
| --exporter-host              |          | The host on which the Prometheus exporter should listen. Defaults to 127.0.0.1                   |
| --exporter-port              |          | The port on which the Prometheus exporter should listen. Defaults to 9100                        |
| --log-level LOG_LEVEL        |          | Minimum log level. Accepted values are: DEBUG, INFO, WARNING, ERROR, CRITICAL. Defaults to INFO  |

Required IAM privileges

In order to successfully run, this application requires the following IAM privileges:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid":    "ListDetectorsAndGetFindingsStatisticsInAnyRegion",
      "Effect": "Allow",
      "Action": [
        "guardduty:ListDetectors",
        "guardduty:GetFindingsStatistics"
      ],
      "Resource": "*"
    }
  ]
}
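
A least-privilege check for the policy above, as an added example that is not part of the exporter project: it audits an IAM identity policy document against the two actions listed and reports required actions that are missing and Allow patterns that grant more than the exporter needs. The function names and the two sample policies are assumptions constructed for this example.

```python
import re

# The two actions the README's policy grants (copied from the page).
REQUIRED = ("guardduty:ListDetectors", "guardduty:GetFindingsStatistics")

def _as_list(value):
    # IAM accepts either a single value or a list for Statement and Action.
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def _matches(pattern, action):
    # IAM action patterns: '*' = any run of characters, '?' = one character,
    # and matching is case-insensitive.
    regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(regex, action, re.IGNORECASE) is not None

def audit_policy(policy):
    """Return (missing, excess) for the Allow statements of an identity policy.

    missing: required actions that no Allow pattern covers.
    excess:  Allow patterns that are not exactly one of the required actions
             (wildcards included, since they grant more than is needed).
    Deny, NotAction, Resource and Condition are not evaluated.
    """
    patterns = set()
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") == "Allow":
            patterns.update(_as_list(stmt.get("Action")))
    required_lower = {a.lower() for a in REQUIRED}
    missing = sorted(a for a in REQUIRED
                     if not any(_matches(p, a) for p in patterns))
    excess = sorted(p for p in patterns if p.lower() not in required_lower)
    return missing, excess

# Constructed sample: a role that was given more than the exporter needs.
BROAD_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow",
                   "Action": ["guardduty:*", "guardduty:ArchiveFindings"],
                   "Resource": "*"}],
}
# Constructed sample: single-string Action, one required action absent.
PARTIAL_POLICY = {
    "Version": "2012-10-17",
    "Statement": {"Effect": "Allow", "Action": "guardduty:listdetectors",
                  "Resource": "*"},
}

if __name__ == "__main__":
    for name, doc in (("broad", BROAD_POLICY), ("partial", PARTIAL_POLICY)):
        print(name, audit_policy(doc))
```

An empty result for both lists means the attached policy grants exactly the two read-only actions the exporter calls.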

Development

Run the development environment:

docker-compose build dev && docker-compose run --rm dev

Run tests in the dev environment:

python3 -m unittest

License

This software is released under the MIT license.
