Detective Graph

Amazon Detective Graph is the core resource that represents a behavior graph in Amazon Detective. A behavior graph collects and organizes data from AWS resources, such as CloudTrail logs, VPC Flow Logs, and GuardDuty findings, to help analyze and visualize security-related activities. It enables security teams to investigate potential security issues, uncover relationships between entities, and identify root causes more efficiently.

aws.detective_graph

Fields

TitleIDTypeData TypeDescription
_keycorestring
account_idcorestring
arncorestringThe ARN of the behavior graph.
created_timecoretimestampThe date and time that the behavior graph was created. The value is an ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z.
tagscorehstore