Amazon Inspector

Overview

Amazon Inspector is a security vulnerability assessment service that helps improve the security and compliance of your AWS resources.

Enable this integration to see all your Inspector metrics in Datadog.

Setup

Installation

If you haven’t already, set up the Amazon Web Services integration first.

Metric collection

1. In the AWS integration tile, ensure that Inspector is checked under metric collection.
2. Install the Datadog - Amazon Inspector integration.

Log collection

Enable logging

Configure Amazon Inspector to send logs either to a S3 bucket or to CloudWatch.

Note: If you log to a S3 bucket, make sure that amazon_inspector is set as Target prefix.

Send logs to Datadog

1. If you haven’t already, set up the Datadog log collection AWS Lambda function.

2. Once the lambda function is installed, manually add a trigger on the S3 bucket or CloudWatch log group that contains your Amazon Inspector logs in the AWS console:

   • Add a manual trigger on the S3 bucket
   • Add a manual trigger on the CloudWatch Log Group

Data Collected

Metrics

aws.inspector.total_matching_agents (count)	The number of agents that match this target.
aws.inspector.total_healthy_agents (count)	The number of agents that match this target that are healthy.
aws.inspector.total_assessment_runs (count)	The number of assessment runs for this target.
aws.inspector.total_assessment_run_findings (count)	The number of findings for this target.

Events

The Amazon Inspector integration does not include any events.

Service Checks

The Amazon Inspector integration does not include any service checks.

Troubleshooting

Need help? Contact Datadog support.