Amazon GuardDuty
The IBM® QRadar® DSM for Amazon GuardDuty collects Amazon GuardDuty events from the log group of the Amazon CloudWatch logs services.
The following table identifies the specifications for the Amazon GuardDuty DSM:
Specification | Value |
---|---|
Manufacturer | Amazon |
DSM name | Amazon GuardDuty |
RPM file name | DSM-AmazonGuardDuty-QRadar_version-buildbuild_number.noarch.rpm |
Supported versions | GuardDuty Schema Version 2.0 |
Protocol | Amazon Web Services Amazon AWS REST API |
Event format | JSON |
Recorded event types | Amazon GuardDuty Findings |
Automatically discovered? | No |
Includes identity? | No |
Includes custom properties? | No |
More information | For more information, see the Amazon GuardDuty Documentation (https://aws.amazon.com/documentation/guardduty). |