普罗米修斯AWS担保出口商
prometheus-aws-guardduty-exporter的Python项目详细描述
普罗米修斯AWS担保出口商
功能
- 从AWS GuardDuty导出当前(未归档)结果的数量,按区域和严重性进行划分
- 支持多个AWS区域
导出指标
导出器导出以下度量:
Metric name | Type | Labels | Description |
---|---|---|---|
^{ | gauge | None | Always ^{ |
^{ | gauge | ^{ | The current number of unarchived findings |
^{ | counter | ^{ | The total number of scrape errors |
如何运行它
您有两个选项来运行它:
手动安装并运行^{
} Python package pip3 install prometheus-aws-guardduty-exporter prometheus-aws-guardduty-exporter --region us-east-1
使用Docker image available on Docker hub
docker run --env AWS_ACCESS_KEY_ID="id" --env AWS_SECRET_ACCESS_KEY="secret" spreaker/prometheus-aws-guardduty-exporter --region us-east-1
cli支持以下参数:
Argument | Required | Description |
---|---|---|
^{ | yes | AWS GuardDuty region (can specify multiple space separated regions) |
^{ | The host at which the Prometheus exporter should listen to. Defaults to ^{ | |
^{ | The port at which the Prometheus exporter should listen to. Defaults to ^{ | |
^{ | Minimum log level. Accepted values are: ^{ |
所需的IAM权限
为了成功运行,此应用程序需要以下IAM权限:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "ListDetectorsAndGetFindingsStatisticsInAnyRegion",
"Effect": "Allow",
"Action": [
"guardduty:ListDetectors",
"guardduty:GetFindingsStatistics"
],
"Resource": "*"
}
]
}
开发
运行开发环境:
docker-compose build dev && docker-compose run --rm dev
在开发环境中运行测试:
python3 -m unittest
许可证
此软件在MIT license下发布。