# Prometheus exporter for AWS GuardDuty
## Features
- Exports the number of current (unarchived) findings from AWS GuardDuty, splitted by region and severity
- Supports multiple AWS regions
## Exported metrics
The exporter exports the following metrics:
| Metric name | Type | Labels | Description |
| ------------------------------------ | -------- | -------------------- | ---------------- |
| `aws_guardduty_exporter_up` | gauge | _None_ | Always `1`: can be used to check if it's running |
| `aws_guardduty_current_findings` | gauge | `region`, `severity` | The current number of unarchived findings |
| `aws_guardduty_scrape_errors_total` | counter | `region`, `severity` | The total number of scrape errors |
## How to run it
You have two options to run it:
1. Manually install and run the [`prometheus-aws-guardduty-exporter` Python package](https://pypi.org/project/prometheus-aws-guardduty-exporter/)
```
pip3 install prometheus-aws-guardduty-exporter
prometheus-aws-guardduty-exporter --region us-east-1
```
2. Use the [Docker image available on Docker hub](https://hub.docker.com/r/spreaker/prometheus-aws-guardduty-exporter/)
```
docker run --env AWS_ACCESS_KEY_ID="id" --env AWS_SECRET_ACCESS_KEY="secret" spreaker/prometheus-aws-guardduty-exporter --region us-east-1
```
The cli supports the following arguments:
| Argument | Required | Description |
| ------------------------------ | -------- | ----------- |
| `--region REGION [REGION ...]` | yes | AWS GuardDuty region (can specify multiple space separated regions) |
| `--exporter-host` | | The host at which the Prometheus exporter should listen to. Defaults to `127.0.0.1` |
| `--exporter-port` | | The port at which the Prometheus exporter should listen to. Defaults to `9100` |
| `--log-level LOG_LEVEL` | | Minimum log level. Accepted values are: `DEBUG`, `INFO`, `WARNING`, `ERROR`, `CRITICAL`. Defaults to `INFO` |
## Required IAM privileges
In order to successfully run, this application requires the following IAM privileges:
```
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "ListDetectorsAndGetFindingsStatisticsInAnyRegion",
"Effect": "Allow",
"Action": [
"guardduty:ListDetectors",
"guardduty:GetFindingsStatistics"
],
"Resource": "*"
}
]
}
```
## Development
Run the development environment:
```
docker-compose build dev && docker-compose run --rm dev
```
Run tests in the dev environment:
```
python3 -m unittest
```
## License
This software is released under the [MIT license](LICENSE.txt).
Raw data
{
"_id": null,
"home_page": "https://github.com/spreaker/prometheus-aws-guardduty-exporter",
"name": "prometheus-aws-guardduty-exporter",
"maintainer": "",
"docs_url": null,
"requires_python": ">= 3.11",
"maintainer_email": "",
"keywords": "prometheus,aws,guardduty",
"author": "Spreaker",
"author_email": "dev@spreaker.com",
"download_url": "https://files.pythonhosted.org/packages/bd/21/3b663d66fbbf2854df6a6092004df6cd0e2aebac1f07c8f71d0da77f7d55/prometheus-aws-guardduty-exporter-2.0.0.tar.gz",
"platform": null,
"description": "# Prometheus exporter for AWS GuardDuty\n\n\n## Features\n\n- Exports the number of current (unarchived) findings from AWS GuardDuty, splitted by region and severity\n- Supports multiple AWS regions\n\n\n## Exported metrics\n\nThe exporter exports the following metrics:\n\n| Metric name | Type | Labels | Description |\n| ------------------------------------ | -------- | -------------------- | ---------------- |\n| `aws_guardduty_exporter_up` | gauge | _None_ | Always `1`: can be used to check if it's running |\n| `aws_guardduty_current_findings` | gauge | `region`, `severity` | The current number of unarchived findings |\n| `aws_guardduty_scrape_errors_total` | counter | `region`, `severity` | The total number of scrape errors |\n\n\n## How to run it\n\nYou have two options to run it:\n\n1. Manually install and run the [`prometheus-aws-guardduty-exporter` Python package](https://pypi.org/project/prometheus-aws-guardduty-exporter/)\n ```\n pip3 install prometheus-aws-guardduty-exporter\n\n prometheus-aws-guardduty-exporter --region us-east-1\n ```\n\n2. Use the [Docker image available on Docker hub](https://hub.docker.com/r/spreaker/prometheus-aws-guardduty-exporter/)\n ```\n docker run --env AWS_ACCESS_KEY_ID=\"id\" --env AWS_SECRET_ACCESS_KEY=\"secret\" spreaker/prometheus-aws-guardduty-exporter --region us-east-1\n ```\n\nThe cli supports the following arguments:\n\n| Argument | Required | Description |\n| ------------------------------ | -------- | ----------- |\n| `--region REGION [REGION ...]` | yes | AWS GuardDuty region (can specify multiple space separated regions) |\n| `--exporter-host` | | The host at which the Prometheus exporter should listen to. Defaults to `127.0.0.1` |\n| `--exporter-port` | | The port at which the Prometheus exporter should listen to. Defaults to `9100` |\n| `--log-level LOG_LEVEL` | | Minimum log level. Accepted values are: `DEBUG`, `INFO`, `WARNING`, `ERROR`, `CRITICAL`. Defaults to `INFO` |\n\n\n## Required IAM privileges\n\nIn order to successfully run, this application requires the following IAM privileges:\n\n```\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"ListDetectorsAndGetFindingsStatisticsInAnyRegion\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"guardduty:ListDetectors\",\n \"guardduty:GetFindingsStatistics\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}\n```\n\n\n## Development\n\nRun the development environment:\n\n```\ndocker-compose build dev && docker-compose run --rm dev\n```\n\nRun tests in the dev environment:\n\n```\npython3 -m unittest\n```\n\n\n## License\n\nThis software is released under the [MIT license](LICENSE.txt).\n",
"bugtrack_url": null,
"license": "",
"summary": "Prometheus exporter for AWS GuardDuty",
"version": "2.0.0",
"project_urls": {
"Download": "https://github.com/spreaker/prometheus-aws-guardduty-exporter/archive/2.0.0.tar.gz",
"Homepage": "https://github.com/spreaker/prometheus-aws-guardduty-exporter"
},
"split_keywords": [
"prometheus",
"aws",
"guardduty"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "bd213b663d66fbbf2854df6a6092004df6cd0e2aebac1f07c8f71d0da77f7d55",
"md5": "8a5045f8f236e7d603723f9ee7d3d374",
"sha256": "3a1621860df2715e2fef036b0d6b1404c15756983612362002a24ef8e1777c94"
},
"downloads": -1,
"filename": "prometheus-aws-guardduty-exporter-2.0.0.tar.gz",
"has_sig": false,
"md5_digest": "8a5045f8f236e7d603723f9ee7d3d374",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">= 3.11",
"size": 6772,
"upload_time": "2023-09-26T08:19:06",
"upload_time_iso_8601": "2023-09-26T08:19:06.971241Z",
"url": "https://files.pythonhosted.org/packages/bd/21/3b663d66fbbf2854df6a6092004df6cd0e2aebac1f07c8f71d0da77f7d55/prometheus-aws-guardduty-exporter-2.0.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-09-26 08:19:06",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "spreaker",
"github_project": "prometheus-aws-guardduty-exporter",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"lcname": "prometheus-aws-guardduty-exporter"
}
JSON
