This app integrates with AWS GuardDuty to investigate findings.
Supported Actions
- test connectivity: Validate the asset configuration for connectivity using the supplied configuration
- on poll: Callback action for the on_poll ingest functionality
- update finding: Updates specified Amazon GuardDuty findings as useful or not useful
- run query: Fetch the findings as per the filters applied
- archive finding: Archives Amazon GuardDuty findings specified by the detector ID and list of finding IDs
- unarchive finding: Unarchives Amazon GuardDuty findings specified by the detector ID and list of finding IDs
- list filters: Returns a paginated list of the current filters
- list threats: Lists the ThreatIntelSets of the GuardDuty service specified by the detector ID
- list ip sets: Lists the IPSets of the GuardDuty service specified by the detector ID
- list detectors: Lists detectorIds of all the existing Amazon GuardDuty detector resources