All Apps and Add-ons

Splunk App for AWS: Is there a way to ignore specific vulnerabilities within search results on Amazon Inspector dashboard?

Contributor

Wondering if there is a way to not include / ignore specific vulnerabilities within search results on the Insights > Amazon Inspector dashboard?

There are several "High" vulnerabilities that are present in my environment that I would like to suppress in the results e.g. Windows Firewall (we are using a third party product)

I have my gold image and would like all residual vulnerabilities to not appear in the results - only the ones which are "net new" and have not been vetted.

If this is not possible, perhaps this functionality can be included in the next version?

0 Karma
1 Solution

Splunk Employee
Splunk Employee

Hi klaxdal,

Currently, the Amazon Inspector Insights dashboard does not let you easily suppress and filter out data you don't want. I will reach out to the product team to let them know about this requirement.

However, the recent 5.0.0 release introduces the feature below:
Configure anomaly detection rules for detecting anomalies in AWS account access activity and billing records in the Security Anomaly Insights dashboard and Billing Anomaly Insights dashboard respectively.

Hope this helps. Thanks!
Hunter

View solution in original post

0 Karma

Splunk Employee
Splunk Employee

Hi klaxdal,

Currently, the Amazon Inspector Insights dashboard does not let you easily suppress and filter out data you don't want. I will reach out to the product team to let them know about this requirement.

However, the recent 5.0.0 release introduces the feature below:
Configure anomaly detection rules for detecting anomalies in AWS account access activity and billing records in the Security Anomaly Insights dashboard and Billing Anomaly Insights dashboard respectively.

Hope this helps. Thanks!
Hunter

View solution in original post

0 Karma

Contributor

Thanks Hunter

0 Karma