Back to all diagrams Save as PNG
%% title: 10-4.3 Monitoring & Alerting Data Flow %% description: Section 10 - System Environment - Figure 10-4.3 Monitoring & Alerting Data Flow graph LR subgraph AWS US West Oregon kinesis["AWS Kinesis"] end subgraph AWS GovCloud elb["AWS Elastic Load Balancer<br>(ELB)"] UAA["User Authentication/Authorization (UAA)"] aws-logs["AWS CloudWatch Logs"] aws-cloudwatch["AWS CloudWatch"] aws-console["AWS Console"] aws-api["AWS API"] aws-iam("AWS IAM") subgraph Centralized Monitoring Components nessus["Nessus Manager"] prometheus["Prometheus Alerting/Storage"] grafana["Grafana<br>(Time Series Visualizations)"] end subgraph All EC2 Instances nessusagent{"Nessus<br>Scanning<br>Agent"} clamav{"ClamAV<br>(Virus/Malware)"} tripwire{"Tripwire<br>(Filesystem Integrity)"} logs("System Logs") aws-logs-agent{"AWS<br>CloudWatch<br>Logs Agent"} nragent{"New Relic Agent"} snort{"Snort IDS<br>(Intrusion Detection)"} boshagent["BOSH Agent"] node-exporter["Prometheus Node Exporter"] end subgraph Cloud Foundry Components boshdirector{"BOSH Director"} firehose{"Metrics"} end end subgraph GSA Responsibility SAML{"Single Sign-on (SSO)<br>providing MFA"} gsanessus>"GSA Nessus Manager (Tenable Security Center)"] end subgraph External statuspage["StatusPage"] sp-account["StatusPage Account"] clamav-updates>"ClamAV Updates"] Googlegroups["Google Groups"] snort-updates>"Snort Network<br>Vulnerability Profiles"] tenable-updates>"Tenable Updates"] end email("Email") Ops((Cloud Operations)) nessusagent--Sends Scanning Results-->nessus nessus--Monitors-->nessusagent gsanessus--Sends Settings Updates-->nessus nessus--Sends Scanning Results-->gsanessus nessus--Reports-->email tenable-updates--Security Definition Updates-->nessus node-exporter--System Performance Metrics-->prometheus firehose-->prometheus aws-api--AWS Metrics-->boshdirector boshagent-->boshdirector boshdirector--Health Monitor state changes-->prometheus boshdirector--AWS Metrics-->prometheus tripwire--Sends Report-->logs logs--Sends Logs-->aws-logs-agent logs--Sends Performance Metrics-->aws-cloudwatch aws-logs-agent--Sends Encrypted Log Data Only-->kinesis kinesis--Sends Encrypted Log Data Only-->aws-logs aws-logs--View Logs-->aws-console clamav-updates--Security Definition Updates-->clamav clamav--Sends Alerts-->prometheus logs--Sends Logs-->prometheus snort-updates--Security Definition Updates-->snort snort--Sends Alerts-->prometheus prometheus--Visualizes events-->grafana elb-->grafana prometheus--Processes alerts-->googlegroups Googlegroups-->email UAA-.Authentication.->SAML grafana-.Authorization.->UAA aws-console-."Authentication/Authorization".->aws-iam statuspage-."Authentication/Authorization".->sp-account email-->Ops Ops--HTTPS-->elb Ops--HTTPS-->aws-console Ops--HTTPS-->googlegroups
Legend
Bidirectional data/information flow
One-directional data/information flow
Data/information request that is system generated
Component ( square corners )
Collections of VMs or containers
Non-VMs / container components ( rounded corners )
User types
External data components
Grouping of components
Back to all diagrams