2 Answers
- Newest
- Most votes
- Most comments
0
Try the following documentation:
answered a year ago
0
Hey Vijay, All the logging is done on the backend as GuardDuty gets them directly from the relevant services. You do not need to enable any resource logging. GuardDuty analyses CloudTrail management event logs, CloudTrail S3 data event logs, VPC Flow Logs, DNS query logs, and Amazon EKS audit logs without you enabling any resource logs. Please refer to the following for more information: 1/ workshop session showing how to setup GuardDuty in a Control tower environment. https://controltower.aws-management.tools/security/guardduty/ 2/ troubleshooting section as well https://docs.aws.amazon.com/guardduty/latest/ug/troubleshooting.html Do not hesitate to contact AWS Support for further assistance if needed.
answered 10 months ago
Relevant content
- Accepted Answerasked 6 months ago
- asked 2 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
I have aldready enabled Guard duty in an audit account and made that a delegated account. Now i dont see the logs or insights for that account in my audit account. Need to know what type of resource logs should be enabled to get the logs of all accounts.