Conversation

@moxarth-rathod
Contributor

@moxarth-rathod moxarth-rathod commented Apr 15, 2025

Proposed commit message

aws: guardduty dashboard enhancements

This PR contains the following enhancements:

- Saved search `Findings Essential Details [Logs Guardduty]` is now added to the following dashboards:
  - [Logs AWS] Guardduty Findings Severity
  - [Logs AWS] Guardduty Findings Threat
- Added a new section for `Table of Contents` in all three Guardduty dashboards.
  - Referred to this template [1] for this section.
  - This section contains the hyperlinks to other Guardduty dashboards for easy navigation.
- For this enhancement - `all should probably filter for data_stream.dataset: aws.guardduty`
  - The filter was already added to all three dashboards, so there are no changes related to this.
 
[1] https://gist.github.com/efd6/e8cf1ddf51e2eca22422b6333e4d1477

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

Related issues

Screenshots

aws-guardduty-findings-severity
aws-guardduty-findings-overview
aws-guardduty-findings-threat

@moxarth-rathod moxarth-rathod added enhancement New feature or request Integration:aws AWS Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] Team:Sit-Crest Crest developers on the Security Integrations team [elastic/sit-crest-contractors] labels Apr 15, 2025
@moxarth-rathod moxarth-rathod self-assigned this Apr 15, 2025
@moxarth-rathod moxarth-rathod changed the title Aws guardduty dashboard enhancements [AWS] Guardduty dashboard enhancements Apr 15, 2025
elastic-vault-github-plugin-prod bot commented Apr 15, 2025

🚀 Benchmarks report

Package aws 👍(8) 💚(4) 💔(8)

| Data stream | Previous EPS | New EPS | Diff (%) | Result |
| --- | --- | --- | --- | --- |
| guardduty | 1036.27 | 852.51 | -183.76 (-17.73%) | 💔 |
| inspector | 2178.65 | 1655.63 | -523.02 (-24.01%) | 💔 |
| route53_resolver_logs | 6369.43 | 5102.04 | -1267.39 (-19.9%) | 💔 |
| s3access | 5102.04 | 3389.83 | -1712.21 (-33.56%) | 💔 |
| cloudfront_logs | 2114.16 | 1677.85 | -436.31 (-20.64%) | 💔 |
| cloudtrail | 2262.44 | 1841.62 | -420.82 (-18.6%) | 💔 |
| elb_logs | 5952.38 | 4201.68 | -1750.7 (-29.41%) | 💔 |
| emr_logs | 16129.03 | 10526.32 | -5602.71 (-34.74%) | 💔 |

To see the full report comment with /test benchmark fullreport

@moxarth-rathod moxarth-rathod marked this pull request as ready for review April 15, 2025 08:20
@moxarth-rathod moxarth-rathod requested review from a team as code owners April 15, 2025 08:20
@elasticmachine

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

Contributor

@kcreddy kcreddy left a comment

Verified the screenshots contain the changes as per PR description and they match the problems described in the original issue.

@andrewkroh andrewkroh added dashboard Relates to a Kibana dashboard bug, enhancement, or modification. Team:obs-ds-hosted-services Observability Hosted Services team [elastic/obs-ds-hosted-services] labels Apr 15, 2025
@muthu-mps
Contributor

Can we update the recent dashboard images to the integrations?

Contributor

@muthu-mps muthu-mps left a comment

code owner approval!

@kcreddy
Contributor

kcreddy commented Apr 16, 2025

> Can we update the recent dashboard images to the integrations?

@moxarth-rathod, can you update the integration screenshots for Guardduty?

@moxarth-rathod
Contributor Author

@kcreddy @muthu-mps I've added screenshots to the integration and updated the manifest. Can you please review it?

@elasticmachine

💚 Build Succeeded

History

cc @moxarth-rathod

@kcreddy kcreddy merged commit 0f97b88 into elastic:main Apr 21, 2025
7 checks passed
@elastic-vault-github-plugin-prod

Package aws - 3.1.0 containing this change is available at https://epr.elastic.co/package/aws/3.1.0/

Development

Successfully merging this pull request may close these issues.

[aws]: Guardduty dashboard enhancements

5 participants