My Security Hub report runs every hour and I want to send an alert to Opsgenie everytime Compliance Status shows as "Failed" for a finding automatically without manual intervention, that is, user selecting custom action as an option manually that is integrated with CloudWatch Events and SNS. One possible way is creating Lambda that runs every hour, Can you please suggest any other option?
Steps mentioned under "https://support.atlassian.com/opsgenie/docs/integrate-opsgenie-with-amazon-security-hub/" involved manual intervention of selecting custom action option everytime
Hi @Daman Malik ,
Happy to help!
I would recommend opening up a Support Case with Opsgenie so that we can examine your setup, but Opsgenie is a listening platform, so we can filter for alert payloads coming in from Security Hub as a means of automatic action taken using Action Filters . In lieu of an automatic check on the Security Hub side, that automatic job would likely be the best way of getting the "Failure" payload over to Opsgenie for alert creation.
As I mentioned, a Support Case would likely benefit you since we'll be able to see your setup, but let us know here if you have any follow up questions!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.