Alarm if infected files are found Add-On (deprecated)

This Add-On is only available for bucketAV for Amazon S3! This Add-On is deprecated. Use reports instead!

This Add-On creates a CloudWatch Alarm to notify you via email if infected files are found in the past N seconds.

Table of Contents

Setup

Install Add-On (requires a running bucketAV installation)

  1. Set the Stack name to bucketav-alarm.
  2. Set the BucketAVStackName parameter to the stack name of bucketAV (if you followed the docs, the name is bucketav).
  3. Set the Email parameter to your email address.
  4. Click on the Create stack button to save.
  5. You will receive an email (subject: AWS Notification - Subscription Confirmation) with a confirmation link that you have to visit.
Not available. Please contact us if you have a use case for it!

CloudFormation snippet

# [...]
Resources:
  # [...]
  Alarm:
    Type: 'AWS::CloudFormation::Stack'
    Properties:
      Parameters:
        BucketAVStackName: 'bucketav' # if you followed the docs, the name is bucketav
        Email: 'name@domain.todo' # TODO replace email address
      TemplateURL: 'https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/alarm/v2.1.0/bucketav-add-on-alarm.yaml'
Not available. Please contact us if you have a use case for it!

Terraform snippet

resource "aws_cloudformation_stack" "bucketav_add_on_alarm" {
  name         = "bucketav-alarm"
  template_url = "https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/alarm/v2.1.0/bucketav-add-on-alarm.yaml"
  capabilities = ["CAPABILITY_IAM"]
  parameters = {
    BucketAVStackName = "bucketav" # if you followed the docs, the name is bucketav
    Email             = "name@domain.todo" # TODO replace email address
  }
}
Not available. Please contact us if you have a use case for it!

Update

Which version am I using?

  1. To update this Add-On to version v2.1.0, go to the AWS CloudFormation Management Console.
  2. Double-check the region at the top right.
  3. Search for bucketav-alarm, otherwise search for the name you specified.
  4. Select the stack and press the Update stack button; press Make a direct update.
  5. Select Replace existing template and set the Amazon S3 URL to https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/alarm/v2.1.0/bucketav-add-on-alarm.yaml Copy
  6. Click on Next.
  7. Scroll to the bottom of the page and click on Next.
  8. Scroll to the bottom of the page, enable I acknowledge that AWS CloudFormation might create IAM resources, and click on Next.
  9. Scroll to the bottom of the page and click on Submit.
  10. While the update runs, the stack status is UPDATE_IN_PROGRES. Reload the table from time to time and …
  11. … wait until the CloudFormation stack status switches to UPDATE_COMPLETE.
Not available. Please contact us if you have a use case for it!

Architecture

The following AWS services are used:

  • CloudWatch Alarms to monitor if infected files are found.
  • SNS Topic & Subscription to send out emails.

Release Notes

Subscribe to our Atom feed or newsletter to stay up-to-date! We also publish a machine-readable JSON file.

v2.1.0

Changes:

  • Add Service Discovery

Release date:2023-12-07

Template: https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/alarm/v2.1.0/bucketav-add-on-alarm.yaml

v2.0.0

Changes:

  • Initial release

Release date:2021-06-06

Template: https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/alarm/v2.0.0/bucketav-add-on-alarm.yaml

Not available. Please contact us if you have a use case for it!

Need more help?

Write us, and we'll get back to you as soon as we can.

Send us an email