Ingest Amazon ECR vulnerability findings and scan events

Latest Dynatrace Preview

This page explains how to ingest container vulnerability findings and scan events from AWS Elastic Container Registry (ECR) into Grail and analyze them on the Dynatrace platform.

Goal

  • Get insights from Dynatrace for Amazon ECR vulnerability findings.
  • Easily work with your data on the Dynatrace platform.

How it works

Be sure to check Prerequisites before getting started.

Amazon ECR - how it works

1. Container images are scanned

Details

Container image vulnerabilities are automatically reported in Amazon ECR.

Action required

Set up the desired Amazon ECR scan type. You have two options:

2. You feed the data into Grail

Details

You feed the data from Amazon ECR into Grail via our security events OpenPipeline ingest endpoint, using an event forwarder that you can easily set up with an AWS CloudFormation template provided by Dynatrace.

Action required

Set up the automatic ingestion with AWS CloudFormation

3. Data is mapped

Details

The OpenPipeline ingest endpoint receives the vulnerability findings and maps (formats) them according to the Semantic Dictionary.

The mapped findings are stored in a bucket called default_security_custom_events (for details, see Built-in Grail buckets).

Action required

No action is required from your side.

4. Enjoy the data

After data is ingested into Grail, you can visualize, analyze, and automate data.

Prerequisites

See below for the Amazon ECR and Dynatrace requirements.

Amazon ECR requirements

Dynatrace requirements

Get started

To set up automatic ingestion, select one of the options below, according to the scan type you've set up in Prerequisites:

Visualize, analyze, and automate data

Once you ingest your Amazon ECR data into Grail, you can

Consumption

For billing information, see Events powered by Grail.