Skip to main content
Panther Knowledge Base

How can I ingest GuardDuty findings via CloudWatch instead of S3 or SQS in Panther?

  1. Last updated
  2. Save as PDF

QUESTION

Is there a way to ingest GuardDuty findings via CloudWatch instead of having to export to S3?

 

ANSWER

There should be no problem ingesting your GuardDuty findings via CloudWatch.

To create your log source, go to Configure > Log Sources, select Custom Onboarding located on the left side of the screen, and select AWS CloudWatch Logs. Then, on the next page, under Log Types, select AWS.GuardDuty .

 Screenshot 2023-09-14 at 1.10.07 PM.png

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Page type
    Topic
  2. Tags
    This page has no tags.