Why does my Cloud Account display "Real Time Scanning Not Enabled" in Panther?
QUESTION
On the Connected Accounts page in the Panther Console, why does my cloud account have a message that says "Real Time Scanning Not Enabled"?
ANSWER
This particular error is an indication that the cloud account doesn't have real time scanning enabled. The account will still get scanned once per day. To enable real time scanning, you can either onboard CloudTrail for that account, or set up real time monitoring via CloudWatch events. The purpose of this message is to indicate that Panther has not received CloudTrail events for the given cloud account, either via CloudWatch events or via onboarded CloudTrail logs.