You can import AWS Security Hub, GuardDuty, and Inspector findings into New Relic to achieve a single, unified view of vulnerabilities. The process uses EventBridge to post findings from AWS Security reporting services via an AWS API Destination.
After completion of these steps, you will see new vulnerabilities detected by AWS Security tools in your New Relic account in real time, and you'll be able to build out analytics dashboards and enable alerts on newly detected issues.
To send AWS security data to New Relic:
- Enable AWS Security Hub on your AWS account.
- Obtain a New Relic license key for the account you want to report data to.
- In your AWS UI, navigate to EventBridge > Integrations > API destinations > Create API destination.
- Fill in the prompts.
- Construct your endpoint using the pattern below, and enter it into API destination endpoint:
- Select POST as the HTTP method.
- Select Create a new connection.
- Fill in the fields in the new prompt.
- For Destination select Other.
- For Authorization type select API Key.
- For API Key Name type `Api-Key` and paste your New Relic license key as the value.
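
The connection and API destination steps above can also be scripted with the AWS CLI. The following is an added example, not part of the original page; the resource names and the `NR_ENDPOINT` and `NR_LICENSE_KEY` variables are assumptions, and you must supply the endpoint yourself because its pattern is not reproduced here.

```shell
#!/usr/bin/env bash
# Added example: scripted equivalent of the console steps (connection + API destination).
# NR_ENDPOINT, NR_LICENSE_KEY, CONN_NAME and DEST_NAME are this example's own names.
set -u
CONN_NAME="${CONN_NAME:-newrelic-security-connection}"    # hypothetical resource name
DEST_NAME="${DEST_NAME:-newrelic-security-destination}"   # hypothetical resource name

# API destinations need an HTTPS endpoint; also reject an unfilled <placeholder>.
valid_endpoint() {
  case "$1" in
    *'<'*|*'>'*|*' '*) return 1 ;;
    https://?*) return 0 ;;
    *) return 1 ;;
  esac
}

# Assumption: keys contain only letters, digits, '-' and '_' (keeps the JSON below safe).
valid_key() {
  case "$1" in
    ''|*[!A-Za-z0-9_-]*) return 1 ;;
    *) return 0 ;;
  esac
}

# Header name Api-Key comes from the steps above; the license key is the header value.
auth_parameters() {
  printf '{"ApiKeyAuthParameters":{"ApiKeyName":"Api-Key","ApiKeyValue":"%s"}}' "$1"
}

apply() {
  local endpoint="${NR_ENDPOINT:-}" key="${NR_LICENSE_KEY:-}" tmp conn_arn rc
  valid_endpoint "$endpoint" || { echo "NR_ENDPOINT must be a complete https:// URL" >&2; return 1; }
  valid_key "$key" || { echo "NR_LICENSE_KEY is empty or malformed" >&2; return 1; }
  # Hand the secret over in a 0600 temp file rather than argv (visible in ps and history).
  tmp="$(mktemp)" || return 1
  auth_parameters "$key" > "$tmp"
  conn_arn="$(aws events create-connection --name "$CONN_NAME" \
      --authorization-type API_KEY --auth-parameters "file://$tmp" \
      --query ConnectionArn --output text)"
  rc=$?; rm -f "$tmp"
  [ "$rc" -eq 0 ] || return "$rc"
  aws events create-api-destination --name "$DEST_NAME" \
      --connection-arn "$conn_arn" --invocation-endpoint "$endpoint" \
      --http-method POST --query ApiDestinationArn --output text
}

# Nothing is created unless the script is run with the argument "apply".
if [ "${1:-}" = "apply" ]; then apply; fi
```

EventBridge stores the key in the connection it creates, so the license key does not need to remain in the shell environment after the script finishes.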