Amazon Inspector monitoring
- How-to guide
- 2-min read
- Published Oct 12, 2020
Dynatrace ingests metrics for multiple preselected namespaces, including Amazon Inspector. You can view metrics for each service instance, split metrics into multiple dimensions, and create custom charts that you can pin to your dashboards.
Prerequisites
To enable monitoring for this service, you need
- An Environment or Cluster ActiveGate version 1.203+
- Dynatrace version 1.204+
- An updated AWS monitoring policy to include the additional AWS services.
To update the AWS IAM policy, use the JSON below.
{"Version": "2012-10-17","Statement": [{"Sid": "VisualEditor0","Effect": "Allow","Action": ["acm-pca:ListCertificateAuthorities","apigateway:GET","apprunner:ListServices","appstream:DescribeFleets","appsync:ListGraphqlApis","athena:ListWorkGroups","autoscaling:DescribeAutoScalingGroups","cloudformation:ListStackResources","cloudfront:ListDistributions","cloudhsm:DescribeClusters","cloudsearch:DescribeDomains","cloudwatch:GetMetricData","cloudwatch:GetMetricStatistics","cloudwatch:ListMetrics","codebuild:ListProjects","datasync:ListTasks","dax:DescribeClusters","directconnect:DescribeConnections","dms:DescribeReplicationInstances","dynamodb:ListTables","dynamodb:ListTagsOfResource","ec2:DescribeAvailabilityZones","ec2:DescribeInstances","ec2:DescribeNatGateways","ec2:DescribeSpotFleetRequests","ec2:DescribeTransitGateways","ec2:DescribeVolumes","ec2:DescribeVpnConnections","ecs:ListClusters","eks:ListClusters","elasticache:DescribeCacheClusters","elasticbeanstalk:DescribeEnvironmentResources","elasticbeanstalk:DescribeEnvironments","elasticfilesystem:DescribeFileSystems","elasticloadbalancing:DescribeInstanceHealth","elasticloadbalancing:DescribeListeners","elasticloadbalancing:DescribeLoadBalancers","elasticloadbalancing:DescribeRules","elasticloadbalancing:DescribeTags","elasticloadbalancing:DescribeTargetHealth","elasticmapreduce:ListClusters","elastictranscoder:ListPipelines","es:ListDomainNames","events:ListEventBuses","firehose:ListDeliveryStreams","fsx:DescribeFileSystems","gamelift:ListFleets","glue:GetJobs","inspector:ListAssessmentTemplates","kafka:ListClusters","kinesis:ListStreams","kinesisanalytics:ListApplications","kinesisvideo:ListStreams","lambda:ListFunctions","lambda:ListTags","lex:GetBots","logs:DescribeLogGroups","mediaconnect:ListFlows","mediaconvert:DescribeEndpoints","mediapackage-vod:ListPackagingConfigurations","mediapackage:ListChannels","mediatailor:ListPlaybackConfigurations","opsworks:DescribeStacks","qldb:ListLedgers","rds:DescribeDBClusters","rds:DescribeDBInstances","rds:DescribeEvents","rds:ListTagsForResource","redshift:DescribeClusters","robomaker:ListSimulationJobs","route53:ListHostedZones","route53resolver:ListResolverEndpoints","s3:ListAllMyBuckets","sagemaker:ListEndpoints","sns:ListTopics","sqs:ListQueues","storagegateway:ListGateways","sts:GetCallerIdentity","swf:ListDomains","tag:GetResources","tag:GetTagKeys","transfer:ListServers","workmail:ListOrganizations","workspaces:DescribeWorkspaces"],"Resource": "*"}]}
Endpoint
Service
autoscaling.<REGION>.amazonaws.comAmazon EC2 Auto Scaling (built-in), Amazon EC2 Auto Scaling
lambda.<REGION>.amazonaws.comAWS Lambda (built-in), AWS Lambda
elasticloadbalancing.<REGION>.amazonaws.comAmazon Application and Network Load Balancer (built-in), Amazon Elastic Load Balancer (ELB) (built-in)
dynamodb.<REGION>.amazonaws.comAmazon DynamoDB (built-in), Amazon DynamoDB
ec2.<REGION>.amazonaws.comAmazon EBS (built-in), Amazon EC2 (built-in), Amazon EBS, Amazon EC2 Spot Fleet, Amazon VPC NAT Gateways, AWS Transit Gateway, AWS Site-to-Site VPN
rds.<REGION>.amazonaws.comAmazon RDS (built-in), Amazon Aurora, Amazon DocumentDB, Amazon Neptune, Amazon RDS
s3.<REGION>.amazonaws.comAmazon S3 (built-in)
acm-pca.<REGION>.amazonaws.comAWS Certificate Manager Private Certificate Authority
apigateway.<REGION>.amazonaws.comAmazon API Gateway
apprunner.<REGION>.amazonaws.comAWS App Runner
appstream2.<REGION>.amazonaws.comAmazon AppStream
appsync.<REGION>.amazonaws.comAWS AppSync
athena.<REGION>.amazonaws.comAmazon Athena
cloudfront.amazonaws.comAmazon CloudFront
cloudhsmv2.<REGION>.amazonaws.comAWS CloudHSM
cloudsearch.<REGION>.amazonaws.comAmazon CloudSearch
codebuild.<REGION>.amazonaws.comAWS CodeBuild
datasync.<REGION>.amazonaws.comAWS DataSync
dax.<REGION>.amazonaws.comAmazon DynamoDB Accelerator (DAX)
dms.<REGION>.amazonaws.comAWS Database Migration Service (AWS DMS)
directconnect.<REGION>.amazonaws.comAWS Direct Connect
ecs.<REGION>.amazonaws.comAmazon Elastic Container Service (ECS), Amazon ECS Container Insights
elasticfilesystem.<REGION>.amazonaws.comAmazon Elastic File System (EFS)
eks.<REGION>.amazonaws.comAmazon Elastic Kubernetes Service (EKS)
elasticache.<REGION>.amazonaws.comAmazon ElastiCache (EC)
elasticbeanstalk.<REGION>.amazonaws.comAWS Elastic Beanstalk
elastictranscoder.<REGION>.amazonaws.comAmazon Elastic Transcoder
es.<REGION>.amazonaws.comAmazon Elasticsearch Service (ES)
events.<REGION>.amazonaws.comAmazon EventBridge
fsx.<REGION>.amazonaws.comAmazon FSx
gamelift.<REGION>.amazonaws.comAmazon GameLift
glue.<REGION>.amazonaws.comAWS Glue
inspector.<REGION>.amazonaws.comAmazon Inspector
kafka.<REGION>.amazonaws.comAmazon Managed Streaming for Kafka
models.lex.<REGION>.amazonaws.comAmazon Lex
logs.<REGION>.amazonaws.comAmazon CloudWatch Logs
api.mediatailor.<REGION>.amazonaws.comAWS Elemental MediaTailor
mediaconnect.<REGION>.amazonaws.comAWS Elemental MediaConnect
mediapackage.<REGION>.amazonaws.comAWS Elemental MediaPackage Live
mediapackage-vod.<REGION>.amazonaws.comAWS Elemental MediaPackage Video on Demand
opsworks.<REGION>.amazonaws.comAWS OpsWorks
qldb.<REGION>.amazonaws.comAmazon QLDB
redshift.<REGION>.amazonaws.comAmazon Redshift
robomaker.<REGION>.amazonaws.comAWS RoboMaker
route53.amazonaws.comAmazon Route 53
route53resolver.<REGION>.amazonaws.comAmazon Route 53 Resolver
api.sagemaker.<REGION>.amazonaws.comAmazon SageMaker Endpoints, Amazon SageMaker Endpoint Instances
sns.<REGION>.amazonaws.comAmazon Simple Notification Service (SNS)
sqs.<REGION>.amazonaws.comAmazon Simple Queue Service (SQS)
storagegateway.<REGION>.amazonaws.comAWS Storage Gateway
swf.<REGION>.amazonaws.comAmazon SWF
transfer.<REGION>.amazonaws.comAWS Transfer Family
workmail.<REGION>.amazonaws.comAmazon WorkMail
workspaces.<REGION>.amazonaws.comAmazon WorkSpaces
Enable monitoring
To learn how to enable service monitoring, see Enable service monitoring.
View service metrics
You can view the service metrics in your Dynatrace environment either on the custom device overview page or on your Dashboards page.
View metrics on the custom device overview page
To access the custom device overview page
- Go to Technologies & Processes Classic.
- Filter by service name and select the relevant custom device group.
- Once you select the custom device group, you're on the custom device group overview page.
- The custom device group overview page lists all instances (custom devices) belonging to the group. Select an instance to view the custom device overview page.
View metrics on your dashboard
After you add the service to monitoring, a preset dashboard containing all recommended metrics is automatically listed on your Dashboards page. To look for specific dashboards, filter by Preset and then by Name.
For existing monitored services, you might need to resave your credentials for the preset dashboard to appear on the Dashboards page. To resave your credentials, go to Settings > Cloud and virtualization > AWS, select the desired AWS instance, and then select Save.
You can't make changes on a preset dashboard directly, but you can clone and edit it. To clone a dashboard, open the browse menu (…) and select Clone.
To remove a dashboard from the dashboards page, you can hide it. To hide a dashboard, open the browse menu (…) and select Hide.
Hiding a dashboard doesn't affect other users.
To check the availability of preset dashboards for each AWS service, see the list below.
AWS service
Preset dashboard
Amazon EC2 Auto Scaling (built-in)
AWS Lambda (built-in)
Amazon Application and Network Load Balancer (built-in)
Amazon DynamoDB (built-in)
Amazon EBS (built-in)
Amazon EC2 (built-in)
Amazon Elastic Load Balancer (ELB) (built-in)
Amazon RDS (built-in)
Amazon S3 (built-in)
AWS Certificate Manager Private Certificate Authority
All monitored Amazon services
Amazon API Gateway
AWS App Runner
Amazon AppStream
AWS AppSync
Amazon Athena
Amazon Aurora
Amazon EC2 Auto Scaling
AWS Billing
Amazon Keyspaces
AWS Chatbot
Amazon CloudFront
AWS CloudHSM
Amazon CloudSearch
AWS CodeBuild
Amazon Cognito
Amazon Connect
AWS DataSync
Amazon DynamoDB Accelerator (DAX)
AWS Database Migration Service (AWS DMS)
Amazon DocumentDB
AWS Direct Connect
Amazon DynamoDB
Amazon EBS
Amazon EC2 Spot Fleet
Amazon EC2 API
Amazon Elastic Container Service (ECS)
Amazon ECS Container Insights
Amazon Elastic File System (EFS)
Amazon Elastic Kubernetes Service (EKS)
Amazon ElastiCache (EC)
AWS Elastic Beanstalk
Amazon Elastic Inference
Amazon Elastic Transcoder
Amazon Elastic Map Reduce (EMR)
Amazon Elasticsearch Service (ES)
Amazon EventBridge
Amazon FSx
Amazon GameLift
AWS Glue
Amazon Inspector
AWS Internet of Things (IoT)
AWS IoT Things Graph
AWS IoT Analytics
Amazon Managed Streaming for Kafka
Amazon Kinesis Data Analytics
Amazon Data Firehose
Amazon Kinesis Data Streams
Amazon Kinesis Video Streams
AWS Lambda
Amazon Lex
Amazon CloudWatch Logs
AWS Elemental MediaTailor
AWS Elemental MediaConnect
AWS Elemental MediaConvert
AWS Elemental MediaPackage Live
AWS Elemental MediaPackage Video on Demand
Amazon MQ
Amazon VPC NAT Gateways
Amazon Neptune
AWS OpsWorks
Amazon Polly
Amazon QLDB
Amazon RDS
Amazon Redshift
Amazon Rekognition
AWS RoboMaker
Amazon Route 53
Amazon Route 53 Resolver
Amazon S3
Amazon SageMaker Batch Transform Jobs
Amazon SageMaker Endpoints
Amazon SageMaker Endpoint Instances
Amazon SageMaker Ground Truth
Amazon SageMaker Processing Jobs
Amazon SageMaker Training Jobs
AWS Service Catalog
Amazon Simple Email Service (SES)
Amazon Simple Notification Service (SNS)
Amazon Simple Queue Service (SQS)
AWS Systems Manager - Run Command
AWS Step Functions
AWS Storage Gateway
Amazon SWF
Amazon Textract
AWS Transfer Family
AWS Transit Gateway
Amazon Translate
AWS Trusted Advisor
AWS API Usage
AWS Site-to-Site VPN
AWS WAF Classic
AWS WAF
Amazon WorkMail
Amazon WorkSpaces
Available metrics
AssessmentTemplateArn is the main dimension.
Name
Description
Unit
Statistics
Dimensions
Recommended
TotalAssessmentRuns
Number of assessment runs for this target
Count
Sum
Region, AssessmentTargetArn, AssessmentTargetName
TotalAssessmentRuns
Count
Sum
AssessmentTemplateArn, AssessmentTemplateName
TotalFindings
Number of findings for this template
Count
Sum
Region, AssessmentTargetArn, AssessmentTargetName
TotalFindings
Count
Sum
AssessmentTemplateArn, AssessmentTemplateName
TotalHealthyAgents
Number of agents that match this target that are healthy
Count
Sum
Region, AssessmentTargetArn, AssessmentTargetName
TotalHealthyAgents
Count
Sum
AssessmentTemplateArn, AssessmentTemplateName
TotalMatchingAgents
Number of agents that match this template
Count
Sum
Region, AssessmentTargetArn, AssessmentTargetName
TotalMatchingAgents
Count
Sum
AssessmentTemplateArn, AssessmentTemplateName
Related tags
Infrastructure Observability