AWS Incident Daily Digest Trends

The AWS Incident Daily Digest Trends report provides a histogram chart that allows you to review trends in daily Amazon Web Services (AWS) incidents for a selected date range. Use this report to evaluate trends in AWS incidents by threat level, classification, and type.

For more information about incidents, see Incidents.

You must configure Amazon GuardDuty for associated incidents to be displayed in Alert Logic console. For more information, see Integrate Amazon GuardDuty Findings into Alert Logic Incidents.

To access the AWS Incident Daily Digest Trends report:

  1. In the Alert Logic console, click the menu icon (), and then click Validate.
  2. Click Reports, and then click Threats.
  3. Under AWS Incident Analysis, click VIEW.
  4. Click AWS Incident Daily Digest Trends.

Filter the report

To refine your findings, filter your report by Date Range, Customer Account, Detection Source, Deployment Name, VPC and Container Image Name.

Filter the report using drop-down menus

By default, Alert Logic includes (All) filter values in the report.

To add or remove filter values:

  1. Click the drop-down menu in the filter, and then select or clear values.
  2. Click Apply.

Filter the report using visuals

To refine your findings, click an item within a visual. To filter by multiple items, hold down Ctrl or Command, and then click each item in a visual that you want to use to apply a filter. You can filter using visuals and items selected in different sections. Click on an item again to remove a filter.

Incident Count Trend in Selected Period section

This section provides a histogram chart of total daily incident count for the selected date range.

Threat Level section

This section provides the count and percentages of incidents in each threat level for the selected date range.

Classification section

This section provides the count and percentages for each incident classification in a color-coded bar graph for the selected date range.

Incident Type section

This section displays a bar graph of the daily incident count and percentages by each type for the selected date range.

List of Incidents section

This section provides a complete list of incidents for the selected date range with detailed information about Customer Account, Create Time, Detection Source, Incident ID, Summary, Threat Level, Classification, and Incident Type.