
AWS Administration Guide

(Optional) Generating sample findings in GuardDuty

Amazon GuardDuty continuously monitors your AWS infrastructure to detect malicious or unauthorized behavior and creates a record for each finding. If you have just subscribed to GuardDuty for the first time, the findings list is empty. To get some samples, click Generate sample findings under Settings. GuardDuty then creates several dummy findings marked as “[SAMPLE]”. As long as you have set up the Lambda function and CloudWatch correctly, some of those sample findings trigger the CloudWatch event rule to run the Lambda function, and a few new IP addresses eventually appear in the ip_blocklist.
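The following added example (not code from this guide or from the Lambda function it deploys) shows offline why only some sample findings can produce a blocklist entry: only findings whose action block carries a remote IPv4 address give a Lambda function anything to add. It assumes the function reads `remoteIpDetails.ipAddressV4` from the GuardDuty finding event; the events, the IP addresses, and the helper names are constructed for illustration.

```python
# Added example: constructed events, not real GuardDuty output.
# Assumption: the blocklist Lambda takes the remote IPv4 from the finding.

def finding(ftype, action, sample=True):
    """Build a minimal GuardDuty finding event (constructed test data)."""
    return {
        "source": "aws.guardduty",
        "detail-type": "GuardDuty Finding",
        "detail": {"type": ftype,
                   "service": {"action": action,
                               "additionalInfo": {"sample": sample}}},
    }

def remote(ip):
    return {"remoteIpDetails": {"ipAddressV4": ip}}

# Documentation-range IPs (RFC 5737), chosen for this example.
SAMPLE_EVENTS = [
    finding("Recon:EC2/PortProbeUnprotectedPort",
            {"actionType": "PORT_PROBE",
             "portProbeAction": {"portProbeDetails": [remote("198.51.100.7")]}}),
    finding("UnauthorizedAccess:EC2/SSHBruteForce",
            {"actionType": "NETWORK_CONNECTION",
             "networkConnectionAction": remote("203.0.113.25")}),
    finding("Backdoor:EC2/C&CActivity.B!DNS",  # DNS action: no remote IP
            {"actionType": "DNS_REQUEST",
             "dnsRequestAction": {"domain": "example.com"}}),
]

def remote_ips(event):
    """Remote IPv4 addresses carried by the finding's action block."""
    action = event["detail"]["service"]["action"]
    holders = [action.get("networkConnectionAction", {}),
               action.get("awsApiCallAction", {})]
    holders += action.get("portProbeAction", {}).get("portProbeDetails", [])
    return [h["remoteIpDetails"]["ipAddressV4"] for h in holders
            if h.get("remoteIpDetails", {}).get("ipAddressV4")]

def blocklist_candidates(events):
    """De-duplicated IPs from events a GuardDuty-finding rule would match."""
    ips = []
    for ev in events:
        if (ev.get("source"), ev.get("detail-type")) != (
                "aws.guardduty", "GuardDuty Finding"):
            continue  # the event rule would not invoke the function
        for ip in remote_ips(ev):
            if ip not in ips:
                ips.append(ip)
    return ips

if __name__ == "__main__":
    print(blocklist_candidates(SAMPLE_EVENTS))
```

If the ip_blocklist stays empty after generating samples, compare the findings shown in the console against this shape before debugging the Lambda function itself.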
