普罗米修斯AWS担保出口商
prometheus-aws-guardduty-exporter的Python项目详细描述
普罗米修斯AWS担保出口商
功能
- 从AWS GuardDuty导出当前(未归档)结果的数量,按区域和严重性进行划分
- 支持多个AWS区域
导出指标
导出器导出以下度量:
| Metric name | Type | Labels | Description |
|---|---|---|---|
| ^{ | gauge | None | Always ^{ |
| ^{ | gauge | ^{ | The current number of unarchived findings |
| ^{ | counter | ^{ | The total number of scrape errors |
如何运行它
您有两个选项来运行它:
手动安装并运行^{
} Python package pip3 install prometheus-aws-guardduty-exporter prometheus-aws-guardduty-exporter --region us-east-1使用Docker image available on Docker hub
docker run --env AWS_ACCESS_KEY_ID="id" --env AWS_SECRET_ACCESS_KEY="secret" spreaker/prometheus-aws-guardduty-exporter --region us-east-1
cli支持以下参数:
| Argument | Required | Description |
|---|---|---|
| ^{ | yes | AWS GuardDuty region (can specify multiple space separated regions) |
| ^{ | The host at which the Prometheus exporter should listen to. Defaults to ^{ | |
| ^{ | The port at which the Prometheus exporter should listen to. Defaults to ^{ | |
| ^{ | Minimum log level. Accepted values are: ^{ |
所需的IAM权限
为了成功运行,此应用程序需要以下IAM权限:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "ListDetectorsAndGetFindingsStatisticsInAnyRegion",
"Effect": "Allow",
"Action": [
"guardduty:ListDetectors",
"guardduty:GetFindingsStatistics"
],
"Resource": "*"
}
]
}
开发
运行开发环境:
docker-compose build dev && docker-compose run --rm dev
在开发环境中运行测试:
python3 -m unittest
许可证
此软件在MIT license下发布。
欢迎加入QQ群-->: 979659372
