SlideShare a Scribd company logo

Real time insights-lab

B
Bela Sojina MBA, PMP

from day 4 of AWS NYC loft security week

Technology
1 of 11
Download to read offline
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved Lab Preparation and Real-Time Insights Lab Greg McConnel, Security Solutions Architect Jesse Fuchs, Security Solutions Architect
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved Agenda 1. Prep for GuardDuty Lab 2. Address any account or credit issues 3. Real Time Insight Lab
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved Preparation for GuardDuty Lab • We strongly recommend using your own AWS account, not a work account • Set up a new account if needed • We will provide AWS credits • GuardDuty is at no cost for the first 30 days (if you already had GuardDuty setup in your account you can open a new account for the lab)
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved Entering the AWS Account Credits • In the AWS Console, click in the upper right hand corner where your name is and choose My Account • On the left hand side click Credits • Enter the code
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved Real-Time Insights Lab
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved Architecture https://aws.amazon.com/answers/account-management/real-time-insights-account-activity/
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved Solution Details • CloudTrail records activity from the Console, SDKs, CLI, and other AWS services • CloudWatch event rule monitors for CloudTrail activity and sends data to Kinesis Firehose • Kinesis Firehose archives the events to S3 and sends the data to Kinesis Analytics for processing. • Once processed, the data is sent to Kinesis Streams. A Lambda function reads data from the stream and sends to a DynamoDB table to be stored and then read from the dashboard • Dashboard is a web page in S3 that uses Cognito user pools for access
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved Solution Walkthrough
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved URL http://lab.gregmcconnel.net/
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved Real-Time Insights Lab Questions: 1. Is this dashboard truly “real-time”? 2. How does the dashboard get access to DynamoDB? 3. How scalable is the solution? 4. How is the anomaly metric calculated? 5. What services or calls are not being monitored by this solution? http://lab.gregmcconnel.net/
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved aws.amazon.com/activate Everything and Anything Startups Need to Get Started on AWS

Recommended

8 Benefits of Moving QuickBooks Desktop to Cloud
8 Benefits of Moving QuickBooks Desktop to Cloud8 Benefits of Moving QuickBooks Desktop to Cloud
8 Benefits of Moving QuickBooks Desktop to CloudMonika Goel
 
StasD & Graphite - Measure anything, Measure Everything
StasD & Graphite - Measure anything, Measure EverythingStasD & Graphite - Measure anything, Measure Everything
StasD & Graphite - Measure anything, Measure EverythingAvi Revivo
 
Supply chain management use case
Supply chain management use caseSupply chain management use case
Supply chain management use caserajatpk
 
Google Cloud Next 2021 Recap
Google Cloud Next 2021 Recap Google Cloud Next 2021 Recap
Google Cloud Next 2021 RecapErvin Weber
 
An ops discovery of serverless
An ops discovery of serverlessAn ops discovery of serverless
An ops discovery of serverlessAWS User Group Bengaluru
 
Combining Logs, Metrics, and Traces for Unified Observability
Combining Logs, Metrics, and Traces for Unified ObservabilityCombining Logs, Metrics, and Traces for Unified Observability
Combining Logs, Metrics, and Traces for Unified ObservabilityElasticsearch
 
Recover from accidental deletions of your snapshots using recycle bin
Recover from accidental deletions of your snapshots using recycle binRecover from accidental deletions of your snapshots using recycle bin
Recover from accidental deletions of your snapshots using recycle binDhaval Soni
 
Taming the QIX Engine with Reactive Programming
Taming the QIX Engine with Reactive ProgrammingTaming the QIX Engine with Reactive Programming
Taming the QIX Engine with Reactive ProgrammingSperos Kokenes
 

Recommended

8 Benefits of Moving QuickBooks Desktop to Cloud
8 Benefits of Moving QuickBooks Desktop to Cloud8 Benefits of Moving QuickBooks Desktop to Cloud
8 Benefits of Moving QuickBooks Desktop to CloudMonika Goel
 
StasD & Graphite - Measure anything, Measure Everything
StasD & Graphite - Measure anything, Measure EverythingStasD & Graphite - Measure anything, Measure Everything
StasD & Graphite - Measure anything, Measure EverythingAvi Revivo
 
Supply chain management use case
Supply chain management use caseSupply chain management use case
Supply chain management use caserajatpk
 
Google Cloud Next 2021 Recap
Google Cloud Next 2021 Recap Google Cloud Next 2021 Recap
Google Cloud Next 2021 RecapErvin Weber
 
An ops discovery of serverless
An ops discovery of serverlessAn ops discovery of serverless
An ops discovery of serverlessAWS User Group Bengaluru
 
Combining Logs, Metrics, and Traces for Unified Observability
Combining Logs, Metrics, and Traces for Unified ObservabilityCombining Logs, Metrics, and Traces for Unified Observability
Combining Logs, Metrics, and Traces for Unified ObservabilityElasticsearch
 
Recover from accidental deletions of your snapshots using recycle bin
Recover from accidental deletions of your snapshots using recycle binRecover from accidental deletions of your snapshots using recycle bin
Recover from accidental deletions of your snapshots using recycle binDhaval Soni
 
Taming the QIX Engine with Reactive Programming
Taming the QIX Engine with Reactive ProgrammingTaming the QIX Engine with Reactive Programming
Taming the QIX Engine with Reactive ProgrammingSperos Kokenes
 
Opening Keynote
Opening KeynoteOpening Keynote
Opening KeynoteElasticsearch
 
Keynote
KeynoteKeynote
KeynoteElasticsearch
 
Combinação de logs, métricas e rastreamentos para observabilidade unificada
Combinação de logs, métricas e rastreamentos para observabilidade unificadaCombinação de logs, métricas e rastreamentos para observabilidade unificada
Combinação de logs, métricas e rastreamentos para observabilidade unificadaElasticsearch
 
Introduction to aws data pipeline services
Introduction to aws data pipeline servicesIntroduction to aws data pipeline services
Introduction to aws data pipeline servicesArcBlock
 
Migrating a legacy logging system: Etsy’s journey to Elastic Cloud
Migrating a legacy logging system: Etsy’s journey to Elastic CloudMigrating a legacy logging system: Etsy’s journey to Elastic Cloud
Migrating a legacy logging system: Etsy’s journey to Elastic CloudElasticsearch
 
Api observability
Api observability Api observability
Api observability Luca Mattia Ferrari
 
Transforming data into actionable insights
Transforming data into actionable insightsTransforming data into actionable insights
Transforming data into actionable insightsElasticsearch
 
Event-Sourcing your React-Redux applications at HolyJS 2016
Event-Sourcing your React-Redux applications at HolyJS 2016Event-Sourcing your React-Redux applications at HolyJS 2016
Event-Sourcing your React-Redux applications at HolyJS 2016Maurice De Beijer [MVP]
 
Event-Sourcing your React-Redux applications
Event-Sourcing your React-Redux applicationsEvent-Sourcing your React-Redux applications
Event-Sourcing your React-Redux applicationsMaurice De Beijer [MVP]
 
Event-Sourcing your React-Redux applications
Event-Sourcing your React-Redux applicationsEvent-Sourcing your React-Redux applications
Event-Sourcing your React-Redux applicationsMaurice De Beijer [MVP]
 
Azure Spring Cloud
Azure Spring CloudAzure Spring Cloud
Azure Spring CloudVMware Tanzu
 
Reinventing enterprise defense with the Elastic Stack
Reinventing enterprise defense with the Elastic StackReinventing enterprise defense with the Elastic Stack
Reinventing enterprise defense with the Elastic StackElasticsearch
 
Combining logs, metrics, and traces for unified observability
Combining logs, metrics, and traces for unified observabilityCombining logs, metrics, and traces for unified observability
Combining logs, metrics, and traces for unified observabilityElasticsearch
 
Designing Secure APIs in the Cloud
Designing Secure APIs in the CloudDesigning Secure APIs in the Cloud
Designing Secure APIs in the CloudPostman
 
Opening Keynote
Opening KeynoteOpening Keynote
Opening KeynoteElasticsearch
 
Logging and observability
Logging and observabilityLogging and observability
Logging and observabilityAnton Drukh
 
Atlassianconnectadd onsforeveryplatform-tanguycrusson-140925195129-phpapp01
Atlassianconnectadd onsforeveryplatform-tanguycrusson-140925195129-phpapp01Atlassianconnectadd onsforeveryplatform-tanguycrusson-140925195129-phpapp01
Atlassianconnectadd onsforeveryplatform-tanguycrusson-140925195129-phpapp01Cloud Elements
 
Combining Logs, Metrics, and Traces for Unified Observability
Combining Logs, Metrics, and Traces for Unified ObservabilityCombining Logs, Metrics, and Traces for Unified Observability
Combining Logs, Metrics, and Traces for Unified ObservabilityElasticsearch
 
Hunter Lynne - Securing AWS with Event Driven Security
Hunter Lynne - Securing AWS with Event Driven SecurityHunter Lynne - Securing AWS with Event Driven Security
Hunter Lynne - Securing AWS with Event Driven SecurityAWS Chicago
 
Monitoring MongoDB Atlas with Datadog
Monitoring MongoDB Atlas with DatadogMonitoring MongoDB Atlas with Datadog
Monitoring MongoDB Atlas with DatadogMongoDB
 
BDA309 Build Your First Big Data Application on AWS
BDA309 Build Your First Big Data Application on AWSBDA309 Build Your First Big Data Application on AWS
BDA309 Build Your First Big Data Application on AWSAmazon Web Services
 
SRV315 Building Enterprise-Grade Serverless Apps
SRV315 Building Enterprise-Grade Serverless Apps SRV315 Building Enterprise-Grade Serverless Apps
SRV315 Building Enterprise-Grade Serverless AppsAmazon Web Services
 

More Related Content

What's hot

Combinação de logs, métricas e rastreamentos para observabilidade unificada
Combinação de logs, métricas e rastreamentos para observabilidade unificadaCombinação de logs, métricas e rastreamentos para observabilidade unificada
Combinação de logs, métricas e rastreamentos para observabilidade unificadaElasticsearch
 
Introduction to aws data pipeline services
Introduction to aws data pipeline servicesIntroduction to aws data pipeline services
Introduction to aws data pipeline servicesArcBlock
 
Migrating a legacy logging system: Etsy’s journey to Elastic Cloud
Migrating a legacy logging system: Etsy’s journey to Elastic CloudMigrating a legacy logging system: Etsy’s journey to Elastic Cloud
Migrating a legacy logging system: Etsy’s journey to Elastic CloudElasticsearch
 
Transforming data into actionable insights
Transforming data into actionable insightsTransforming data into actionable insights
Transforming data into actionable insightsElasticsearch
 
Event-Sourcing your React-Redux applications at HolyJS 2016
Event-Sourcing your React-Redux applications at HolyJS 2016Event-Sourcing your React-Redux applications at HolyJS 2016
Event-Sourcing your React-Redux applications at HolyJS 2016Maurice De Beijer [MVP]
 
Event-Sourcing your React-Redux applications
Event-Sourcing your React-Redux applicationsEvent-Sourcing your React-Redux applications
Event-Sourcing your React-Redux applicationsMaurice De Beijer [MVP]
 
Event-Sourcing your React-Redux applications
Event-Sourcing your React-Redux applicationsEvent-Sourcing your React-Redux applications
Event-Sourcing your React-Redux applicationsMaurice De Beijer [MVP]
 
Azure Spring Cloud
Azure Spring CloudAzure Spring Cloud
Azure Spring CloudVMware Tanzu
 
Reinventing enterprise defense with the Elastic Stack
Reinventing enterprise defense with the Elastic StackReinventing enterprise defense with the Elastic Stack
Reinventing enterprise defense with the Elastic StackElasticsearch
 
Combining logs, metrics, and traces for unified observability
Combining logs, metrics, and traces for unified observabilityCombining logs, metrics, and traces for unified observability
Combining logs, metrics, and traces for unified observabilityElasticsearch
 
Designing Secure APIs in the Cloud
Designing Secure APIs in the CloudDesigning Secure APIs in the Cloud
Designing Secure APIs in the CloudPostman
 
Logging and observability
Logging and observabilityLogging and observability
Logging and observabilityAnton Drukh
 
Atlassianconnectadd onsforeveryplatform-tanguycrusson-140925195129-phpapp01
Atlassianconnectadd onsforeveryplatform-tanguycrusson-140925195129-phpapp01Atlassianconnectadd onsforeveryplatform-tanguycrusson-140925195129-phpapp01
Atlassianconnectadd onsforeveryplatform-tanguycrusson-140925195129-phpapp01Cloud Elements
 
Combining Logs, Metrics, and Traces for Unified Observability
Combining Logs, Metrics, and Traces for Unified ObservabilityCombining Logs, Metrics, and Traces for Unified Observability
Combining Logs, Metrics, and Traces for Unified ObservabilityElasticsearch
 
Hunter Lynne - Securing AWS with Event Driven Security
Hunter Lynne - Securing AWS with Event Driven SecurityHunter Lynne - Securing AWS with Event Driven Security
Hunter Lynne - Securing AWS with Event Driven SecurityAWS Chicago
 
Monitoring MongoDB Atlas with Datadog
Monitoring MongoDB Atlas with DatadogMonitoring MongoDB Atlas with Datadog
Monitoring MongoDB Atlas with DatadogMongoDB
 

What's hot (20)

Opening Keynote
Opening KeynoteOpening Keynote
Opening Keynote
 
Keynote
KeynoteKeynote
Keynote
 
Combinação de logs, métricas e rastreamentos para observabilidade unificada
Combinação de logs, métricas e rastreamentos para observabilidade unificadaCombinação de logs, métricas e rastreamentos para observabilidade unificada
Combinação de logs, métricas e rastreamentos para observabilidade unificada
 
Introduction to aws data pipeline services
Introduction to aws data pipeline servicesIntroduction to aws data pipeline services
Introduction to aws data pipeline services
 
Migrating a legacy logging system: Etsy’s journey to Elastic Cloud
Migrating a legacy logging system: Etsy’s journey to Elastic CloudMigrating a legacy logging system: Etsy’s journey to Elastic Cloud
Migrating a legacy logging system: Etsy’s journey to Elastic Cloud
 
Api observability
Api observability Api observability
Api observability
 
Transforming data into actionable insights
Transforming data into actionable insightsTransforming data into actionable insights
Transforming data into actionable insights
 
Event-Sourcing your React-Redux applications at HolyJS 2016
Event-Sourcing your React-Redux applications at HolyJS 2016Event-Sourcing your React-Redux applications at HolyJS 2016
Event-Sourcing your React-Redux applications at HolyJS 2016
 
Event-Sourcing your React-Redux applications
Event-Sourcing your React-Redux applicationsEvent-Sourcing your React-Redux applications
Event-Sourcing your React-Redux applications
 
Event-Sourcing your React-Redux applications
Event-Sourcing your React-Redux applicationsEvent-Sourcing your React-Redux applications
Event-Sourcing your React-Redux applications
 
Azure Spring Cloud
Azure Spring CloudAzure Spring Cloud
Azure Spring Cloud
 
Reinventing enterprise defense with the Elastic Stack
Reinventing enterprise defense with the Elastic StackReinventing enterprise defense with the Elastic Stack
Reinventing enterprise defense with the Elastic Stack
 
Combining logs, metrics, and traces for unified observability
Combining logs, metrics, and traces for unified observabilityCombining logs, metrics, and traces for unified observability
Combining logs, metrics, and traces for unified observability
 
Designing Secure APIs in the Cloud
Designing Secure APIs in the CloudDesigning Secure APIs in the Cloud
Designing Secure APIs in the Cloud
 
Opening Keynote
Opening KeynoteOpening Keynote
Opening Keynote
 
Logging and observability
Logging and observabilityLogging and observability
Logging and observability
 
Atlassianconnectadd onsforeveryplatform-tanguycrusson-140925195129-phpapp01
Atlassianconnectadd onsforeveryplatform-tanguycrusson-140925195129-phpapp01Atlassianconnectadd onsforeveryplatform-tanguycrusson-140925195129-phpapp01
Atlassianconnectadd onsforeveryplatform-tanguycrusson-140925195129-phpapp01
 
Combining Logs, Metrics, and Traces for Unified Observability
Combining Logs, Metrics, and Traces for Unified ObservabilityCombining Logs, Metrics, and Traces for Unified Observability
Combining Logs, Metrics, and Traces for Unified Observability
 
Hunter Lynne - Securing AWS with Event Driven Security
Hunter Lynne - Securing AWS with Event Driven SecurityHunter Lynne - Securing AWS with Event Driven Security
Hunter Lynne - Securing AWS with Event Driven Security
 
Monitoring MongoDB Atlas with Datadog
Monitoring MongoDB Atlas with DatadogMonitoring MongoDB Atlas with Datadog
Monitoring MongoDB Atlas with Datadog
 

Similar to Real time insights-lab

BDA309 Build Your First Big Data Application on AWS
BDA309 Build Your First Big Data Application on AWSBDA309 Build Your First Big Data Application on AWS
BDA309 Build Your First Big Data Application on AWSAmazon Web Services
 
SRV315 Building Enterprise-Grade Serverless Apps
SRV315 Building Enterprise-Grade Serverless Apps SRV315 Building Enterprise-Grade Serverless Apps
SRV315 Building Enterprise-Grade Serverless AppsAmazon Web Services
 
AWS DeepLens Workshop: Building Computer Vision Applications - BDA201 - Anahe...
AWS DeepLens Workshop: Building Computer Vision Applications - BDA201 - Anahe...AWS DeepLens Workshop: Building Computer Vision Applications - BDA201 - Anahe...
AWS DeepLens Workshop: Building Computer Vision Applications - BDA201 - Anahe...Amazon Web Services
 
Build Machine Learning Solutions on Data Lakes (ARC321) - AWS re:Invent 2018
Build Machine Learning Solutions on Data Lakes (ARC321) - AWS re:Invent 2018Build Machine Learning Solutions on Data Lakes (ARC321) - AWS re:Invent 2018
Build Machine Learning Solutions on Data Lakes (ARC321) - AWS re:Invent 2018Amazon Web Services
 
Introduction to the Serverless Cloud
Introduction to the Serverless CloudIntroduction to the Serverless Cloud
Introduction to the Serverless CloudAmazon Web Services
 
Inventory and Patch Management Using AWS Systems Manager (ARC332) - AWS re:In...
Inventory and Patch Management Using AWS Systems Manager (ARC332) - AWS re:In...Inventory and Patch Management Using AWS Systems Manager (ARC332) - AWS re:In...
Inventory and Patch Management Using AWS Systems Manager (ARC332) - AWS re:In...Amazon Web Services
 
SID301_Using AWS Lambda as a Security Team
SID301_Using AWS Lambda as a Security TeamSID301_Using AWS Lambda as a Security Team
SID301_Using AWS Lambda as a Security TeamAmazon Web Services
 
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017Amazon Web Services
 
Automated Monitoring of Operational Health in the Cloud - Mathew Green - AWS ...
Automated Monitoring of Operational Health in the Cloud - Mathew Green - AWS ...Automated Monitoring of Operational Health in the Cloud - Mathew Green - AWS ...
Automated Monitoring of Operational Health in the Cloud - Mathew Green - AWS ...Amazon Web Services
 
Applying AWS Organizations to Complex Account Structures - April 2017 AWS Onl...
Applying AWS Organizations to Complex Account Structures - April 2017 AWS Onl...Applying AWS Organizations to Complex Account Structures - April 2017 AWS Onl...
Applying AWS Organizations to Complex Account Structures - April 2017 AWS Onl...Amazon Web Services
 
SRV210 Improving Microservice and Serverless Observability with Monitoring Data
SRV210 Improving Microservice and Serverless Observability with Monitoring DataSRV210 Improving Microservice and Serverless Observability with Monitoring Data
SRV210 Improving Microservice and Serverless Observability with Monitoring DataNew Relic
 
How Amazon.com Uses AWS Management Tools - DEV340 - re:Invent 2017
How Amazon.com Uses AWS Management Tools - DEV340 - re:Invent 2017How Amazon.com Uses AWS Management Tools - DEV340 - re:Invent 2017
How Amazon.com Uses AWS Management Tools - DEV340 - re:Invent 2017Amazon Web Services
 
Serverless: State of The Union I AWS Dev Day 2018
Serverless: State of The Union I AWS Dev Day 2018Serverless: State of The Union I AWS Dev Day 2018
Serverless: State of The Union I AWS Dev Day 2018AWS Germany
 
100 Billion Data Points With Lambda_AWSPSSummit_Singapore
100 Billion Data Points With Lambda_AWSPSSummit_Singapore100 Billion Data Points With Lambda_AWSPSSummit_Singapore
100 Billion Data Points With Lambda_AWSPSSummit_SingaporeAmazon Web Services
 
Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...
Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...
Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...Amazon Web Services
 
Migrating Microsoft Applications to AWS like an Expert - AWS Summit Sydney 2018
Migrating Microsoft Applications to AWS like an Expert - AWS Summit Sydney 2018Migrating Microsoft Applications to AWS like an Expert - AWS Summit Sydney 2018
Migrating Microsoft Applications to AWS like an Expert - AWS Summit Sydney 2018Amazon Web Services
 
Nirav Kothari: Well-Architected - Operational Excellence Instructor Led Lab.pdf
Nirav Kothari: Well-Architected - Operational Excellence Instructor Led Lab.pdfNirav Kothari: Well-Architected - Operational Excellence Instructor Led Lab.pdf
Nirav Kothari: Well-Architected - Operational Excellence Instructor Led Lab.pdfAmazon Web Services
 
Work Anywhere with Amazon Workspaces (Level: 200)
Work Anywhere with Amazon Workspaces (Level: 200)Work Anywhere with Amazon Workspaces (Level: 200)
Work Anywhere with Amazon Workspaces (Level: 200)Amazon Web Services
 

Similar to Real time insights-lab (20)

BDA309 Build Your First Big Data Application on AWS
BDA309 Build Your First Big Data Application on AWSBDA309 Build Your First Big Data Application on AWS
BDA309 Build Your First Big Data Application on AWS
 
SRV315 Building Enterprise-Grade Serverless Apps
SRV315 Building Enterprise-Grade Serverless Apps SRV315 Building Enterprise-Grade Serverless Apps
SRV315 Building Enterprise-Grade Serverless Apps
 
AWS DeepLens Workshop: Building Computer Vision Applications - BDA201 - Anahe...
AWS DeepLens Workshop: Building Computer Vision Applications - BDA201 - Anahe...AWS DeepLens Workshop: Building Computer Vision Applications - BDA201 - Anahe...
AWS DeepLens Workshop: Building Computer Vision Applications - BDA201 - Anahe...
 
Build Machine Learning Solutions on Data Lakes (ARC321) - AWS re:Invent 2018
Build Machine Learning Solutions on Data Lakes (ARC321) - AWS re:Invent 2018Build Machine Learning Solutions on Data Lakes (ARC321) - AWS re:Invent 2018
Build Machine Learning Solutions on Data Lakes (ARC321) - AWS re:Invent 2018
 
Introduction to the Serverless Cloud
Introduction to the Serverless CloudIntroduction to the Serverless Cloud
Introduction to the Serverless Cloud
 
Inventory and Patch Management Using AWS Systems Manager (ARC332) - AWS re:In...
Inventory and Patch Management Using AWS Systems Manager (ARC332) - AWS re:In...Inventory and Patch Management Using AWS Systems Manager (ARC332) - AWS re:In...
Inventory and Patch Management Using AWS Systems Manager (ARC332) - AWS re:In...
 
SID301_Using AWS Lambda as a Security Team
SID301_Using AWS Lambda as a Security TeamSID301_Using AWS Lambda as a Security Team
SID301_Using AWS Lambda as a Security Team
 
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017
 
Automated Monitoring of Operational Health in the Cloud - Mathew Green - AWS ...
Automated Monitoring of Operational Health in the Cloud - Mathew Green - AWS ...Automated Monitoring of Operational Health in the Cloud - Mathew Green - AWS ...
Automated Monitoring of Operational Health in the Cloud - Mathew Green - AWS ...
 
Applying AWS Organizations to Complex Account Structures - April 2017 AWS Onl...
Applying AWS Organizations to Complex Account Structures - April 2017 AWS Onl...Applying AWS Organizations to Complex Account Structures - April 2017 AWS Onl...
Applying AWS Organizations to Complex Account Structures - April 2017 AWS Onl...
 
SRV210 Improving Microservice and Serverless Observability with Monitoring Data
SRV210 Improving Microservice and Serverless Observability with Monitoring DataSRV210 Improving Microservice and Serverless Observability with Monitoring Data
SRV210 Improving Microservice and Serverless Observability with Monitoring Data
 
How Amazon.com Uses AWS Management Tools - DEV340 - re:Invent 2017
How Amazon.com Uses AWS Management Tools - DEV340 - re:Invent 2017How Amazon.com Uses AWS Management Tools - DEV340 - re:Invent 2017
How Amazon.com Uses AWS Management Tools - DEV340 - re:Invent 2017
 
Serverless: State of The Union I AWS Dev Day 2018
Serverless: State of The Union I AWS Dev Day 2018Serverless: State of The Union I AWS Dev Day 2018
Serverless: State of The Union I AWS Dev Day 2018
 
100 Billion Data Points With Lambda_AWSPSSummit_Singapore
100 Billion Data Points With Lambda_AWSPSSummit_Singapore100 Billion Data Points With Lambda_AWSPSSummit_Singapore
100 Billion Data Points With Lambda_AWSPSSummit_Singapore
 
Serverless - State of the Union
Serverless - State of the UnionServerless - State of the Union
Serverless - State of the Union
 
Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...
Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...
Monitor All Your Things: Amazon CloudWatch in Action with BBC (DEV302) - AWS ...
 
Migrating Microsoft Applications to AWS like an Expert - AWS Summit Sydney 2018
Migrating Microsoft Applications to AWS like an Expert - AWS Summit Sydney 2018Migrating Microsoft Applications to AWS like an Expert - AWS Summit Sydney 2018
Migrating Microsoft Applications to AWS like an Expert - AWS Summit Sydney 2018
 
What's New in Serverless
What's New in ServerlessWhat's New in Serverless
What's New in Serverless
 
Nirav Kothari: Well-Architected - Operational Excellence Instructor Led Lab.pdf
Nirav Kothari: Well-Architected - Operational Excellence Instructor Led Lab.pdfNirav Kothari: Well-Architected - Operational Excellence Instructor Led Lab.pdf
Nirav Kothari: Well-Architected - Operational Excellence Instructor Led Lab.pdf
 
Work Anywhere with Amazon Workspaces (Level: 200)
Work Anywhere with Amazon Workspaces (Level: 200)Work Anywhere with Amazon Workspaces (Level: 200)
Work Anywhere with Amazon Workspaces (Level: 200)
 

Recently uploaded

Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 

Recently uploaded (20)

Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 

Real time insights-lab

  • 1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved Lab Preparation and Real-Time Insights Lab Greg McConnel, Security Solutions Architect Jesse Fuchs, Security Solutions Architect
  • 2. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved Agenda 1. Prep for GuardDuty Lab 2. Address any account or credit issues 3. Real Time Insight Lab
  • 3. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved Preparation for GuardDuty Lab • We strongly recommend using your own AWS account, not a work account • Set up a new account if needed • We will provide AWS credits • GuardDuty is at no cost for the first 30 days (if you already had GuardDuty setup in your account you can open a new account for the lab)
  • 4. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved Entering the AWS Account Credits • In the AWS Console, click in the upper right hand corner where your name is and choose My Account • On the left hand side click Credits • Enter the code
  • 5. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved Real-Time Insights Lab
  • 6. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved Architecture https://aws.amazon.com/answers/account-management/real-time-insights-account-activity/
  • 7. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved Solution Details • CloudTrail records activity from the Console, SDKs, CLI, and other AWS services • CloudWatch event rule monitors for CloudTrail activity and sends data to Kinesis Firehose • Kinesis Firehose archives the events to S3 and sends the data to Kinesis Analytics for processing. • Once processed, the data is sent to Kinesis Streams. A Lambda function reads data from the stream and sends to a DynamoDB table to be stored and then read from the dashboard • Dashboard is a web page in S3 that uses Cognito user pools for access
  • 8. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved Solution Walkthrough
  • 9. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved URL http://lab.gregmcconnel.net/
  • 10. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved Real-Time Insights Lab Questions: 1. Is this dashboard truly “real-time”? 2. How does the dashboard get access to DynamoDB? 3. How scalable is the solution? 4. How is the anomaly metric calculated? 5. What services or calls are not being monitored by this solution? http://lab.gregmcconnel.net/
  • 11. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved aws.amazon.com/activate Everything and Anything Startups Need to Get Started on AWS