Rules Contributing to Suspicious AWS ELB Activity Alert

The following rules are used to identify suspicious activity with AWS ELB. Any one or more of these will trigger the Suspicious AWS ELB Activity Alert. Details for each rule can be viewed by clicking the More Details link in the description.

Title

Description

AWS ELB Security Group Modified

Identifies the modification of an ELB security group.

More details

Rules Contributing to Suspicious AWS ELB Activity Alert

Rule ID

Query

Log Source

Rule Source

Tactics, Techniques, and Procedures

References

Additional Information