Amazon Inspector (target and template) is a security vulnerability assessment service that helps improve the security and compliance of AWS resources.

Amazon Inspector automatically assesses resources for vulnerabilities or deviations from best practices, and produces a detailed list of security findings prioritized by level of severity. Amazon Inspector includes a knowledge base of hundreds of rules mapped to common security standards and vulnerability definitions. The knowledge base is regularly updated by AWS security researchers.

External reference

Amazon Inspector

Setup

To set up the AWS integration and discover the AWS service, go to AWS Integration Discovery Profile and select Inspector Template or Inspector Target.

Event support

CloudTrail event support

  • Supported (Inspector Template and Inspector Target)
  • Configurable in OpsRamp AWS Integration Discovery Profile.

CloudWatch alarm support

  • Supported (Inspector Template and Inspector Target)
  • Configurable in OpsRamp AWS Integration Discovery Profile.

Supported metrics

OpsRamp MetricMetric Display NameUnitAggregation Type
aws_inspector_totalmatchingagents

Number of agents that match this target.
TotalMatchingAgentsCountAverage
aws_inspector_totalhealthyagents

Number of agents that match this template that are healthy.
TotalHealthyAgentsCountAverage
aws_inspector_totalassessmentruns

Number of assessment runs for this template.
TotalAssessmentRunsCountAverage
aws_inspector_totalfindings

Number of findings for this target.
TotalFindingsCountAverage