Cloud Device Details

Search > Device Details > Cloud provides five tabs of cloud data, samples of which are below. 

Inspector Tab

The source of Asset Manager Inspector tab data is Amazon Inspector, an automated security assessment service on AWS that helps you test the network accessibility of Amazon EC2 instances and the security state of the applications running on those instances. Amazon Inspector analyzes your network configurations in AWS for reachability and assesses instances for security exposures and vulnerabilities. In-depth information about Amazon Inspector is available at https://aws.amazon.com/inspector/faqs/. The Inspector tab presents identifiers associated with one AWS instance.


| Data Type | Description | Example |
| --- | --- | --- |
| Provider | Name of the cloud provider | aws |
| Account ID | Account number the cloud provider assigned to your company's account | 040758885882 |
| Instance ID | Cloud provider's instance identifier | i-010c0019a16e292b8 |
| Public IP Address | IPv4 address of the instance | 172.18.10.124 |
| Public MAC Address | MAC address of the instance | 0e:28:30:20:73:c8 |
| Name | Name of the cloud account such as sa-account | sa-account |
| AWS Target | Identifies AWS assessment targets (collection of AWS resources) for which you want to evaluate the security state | |
| Agent Health | Indicates the health of the AWS security assessment service running on the AWS agent | |
| Last Scan | Time of the last health check | |
| High | AWS indicator of a high-severity failure (i.e., one failed CIS benchmark rule) | 0 |
| Medium | AWS indicator of a medium-severity failure | 0 |
| Low | AWS indicator of a medium-severity failure | 4 |
| Info | AWS indicator of a low-severity failure | 26 |


Inventory Tab

One record displays. It represents the one virtual machine instance in the AWS cloud.

| Data Type | Description | Example |
| --- | --- | --- |
| Provider | Name of the cloud provider | aws |
| Account ID | Account number the cloud provider assigned to your company's account | 040758885882 |
| Instance ID | Unique identifier of an instance | i-010c0019a16e292b8 |
| Public IP Address | IPv4 address of the instance | 172.18.10.124 |
| Public MAC Address | MAC address of the instance | 0e:28:30:20:73:c8 |
| Name | Name of the AWS cloud account such as sa-account | sa-account |
| Region | Geographic area in which the instance is running | |
| VPC ID | Amazon Virtual Private Cloud identifier | |
| Risks | List of security risks for the instance | |
| Security Group Risk | Number of security group violations | |
| Subnet Route Risk | Number of subnet route risks. The cell is empty when there are no subnet route risks | |

Security Tab

Each record describes one security group violation. The Risks column identifies why Cloud Scout has flagged the security configuration as a violation.

| Data Type | Description |
| --- | --- |
| Security Group ID | Unique security group identifier generated by Amazon to identify a security group |
| Description | User-populated field in AWS |
| Risks | Description of a violation |
| VPC ID | Unique identifier generated by Amazon to identify an Amazon Virtual Private Cloud |
| IPv4 Range | The range of IPv4 addresses to which a rule applies |
| IPv6 Range | The range of IPv6 addresses to which a rule applies |
| Direction | Indicates whether the violation occurs going outbound or inbound |
| Src Port | Origination port from which traffic to the instance is allowed |
| Dest Port | Destination port to which traffic from the instance is allowed |
| Protocol | The network protocol over which the traffic is allowed |

Interface Tab

| Data Type | Description |
| --- | --- |
| Public IP | IPv4 or IPv6 address of the interface |
| Index | Ordinal number from AWS that identifies the interface |
| Description | Optional field. Populates with the description the user provided in AWS |
| MAC Address | MAC address of the interface |
| Network Interface ID | Unique identifier generated by AWS |
| Interface Status | Current status of the network interface |
| Subnet ID | Unique identifier of the subnet as identified by AWS |
| VPC ID | Identifies the Virtual Private Cloud to which the interface belongs |
| Private IP Address | IP address for the network interface |
| Attach Status | Indicator as to whether the interface is attached or not attached. Interface will only show "attached." (Asset Manager doesn't show "unattached" interfaces.) |

Audit Logs

Shows the last 30 days or last 100 event notification records, whichever is smaller. To see more records, you can click Export to export the last 90 days or 10,000 records in JSON format. When you export to JSON, additional details are provided.

| Data Type | Description | Example |
| --- | --- | --- |
| Event Time | Time the event was recorded in Coordinated Universal Time (UTC) format | 2019-11-08T09:57:24Z |
| Username | Identifier of the person who performed the activity that triggered an event notification | AttachNetworkInterface, ModifyInstanceAttribute, RebootInstances |
| Region | Geographic area in which the instance is running | us-east-1 |
| Event Name | Event name comes from AWS | DetachNetworkInterface |
| Event Source | From web interface rather than CLI | ec2.amazonaws.com |
| Source IP Address | From web interface rather than CLI | 152.193.0.98 |