Skip to content

AWS Guard Duty

Retrieve the Detector ID #

To find the detectorId in the current Region, see the Settings page in the GuardDuty console, or run the ListDetectors API.

You will need to provide the detectorID to SolCyber.

Authorize the IAM User #

  1. Create an IAM service account to user for Securonix log ingestion. You may already have one if you have previously configured CloudTrail logs for Securonix.
  2. Authorize the IAM User using the steps under Change permissions for an IAM user. When prompted during the configuration, attach the AmazonGuardDutyReadOnlyAccess AWS managed policies to the authorized user.
  3. Copy and save the Secret Key, and Access ID and provide these values to SolCyber.