Skip to main content

Amazon Inspector

The Amazon Inspector Matano managed log source lets you ingest your Amazon Inspector findings directly into Matano.

Amazon Inspector provides automated vulnerability scanning and reports findings from scanning your EC2 instances, ECR images, and Lambda functions.

Usage

Use the managed log source by specifying the managed.type property in your log_source as AWS_INSPECTOR.

name: "aws_inspector"

managed:
type: "AWS_INSPECTOR"

Tables

The Amazon Inspector managed log source supports a single table containing Amazon Inspector findings.

Ingest

Managed (Polling)

Matano will automatically pull Amazon Inspector findings from your AWS account by using the ListFindings Amazon Inspector API on a constant schedule (defaults to every 5 minutes).

Schema

Amazon Inspector findings data is normalized to ECS fields. Custom fields are normalized into the aws.inspector field. You can view the complete mapping to see the full schema.