Back to all diagrams Save as PNG
%% title: 10-4.3 Monitoring & Alerting Data Flow %% description: Section 10 - System Environment - Figure 10-4.3 Monitoring & Alerting Data Flow graph LR subgraph AWS GovCloud alb["AWS Application Load Balancer<br>(ALB)"] UAA["User Authentication/Authorization (UAA)"] aws-logs["AWS CloudWatch Logs"] aws-cloudwatch["AWS CloudWatch"] aws-console["AWS Console"] aws-iam("AWS IAM") aws-guardduty["AWS GuardDuty"] aws-cloudwatch-alarms["AWS Cloudwatch Alarms"] subgraph Cloud Foundry Components boshdirector{"BOSH Director"} firehose{"Metrics"} concourse{"Concourse<br>(CI/CD Pipelines)"} end subgraph Centralized Monitoring Components nessus{"Nessus Manager"} prometheus{"Prometheus<br>Alerting/Storage"} grafana{"Grafana<br>(Time Series Visualizations)"} doomsday{"Doomsday<br>(Certificate Monitoring)"} end subgraph All EC2 Instances nessusagent["Nessus<br>Scanning<br>Agent"] clamav["ClamAV<br>(Virus/Malware)"] logs["System Logs"] aws-logs-agent["AWS<br>CloudWatch<br>Logs Agent"] snort["Snort IDS<br>(Intrusion Detection)"] boshagent["BOSH Agent"] node-exporter["Prometheus Node Exporter"] aide["AIDE<br>(Filesystem Integrity)"] end end subgraph GSA Responsibility SAML{"Single Sign-on (SSO)<br>providing MFA"} end subgraph External statuspage["StatusPage"] sp-account["StatusPage Account"] clamav-updates>"ClamAV Updates"] Googlegroups["Google Groups"] snort-updates>"Snort Network<br>Vulnerability Profiles"] tenable-updates>"Tenable Updates"] slack["GSA Slack"] end email("Email") Ops((Cloud Operations)) zscaler("Zscaler VPN") nessusagent--Sends Scanning Results-->nessus nessus--Monitors-->nessusagent nessus--Reports SMTP 587-->email tenable-updates--Security Definition Updates-->nessus node-exporter--System Performance Metrics-->prometheus firehose-->prometheus boshagent-->boshdirector boshdirector--Health Monitor state changes-->prometheus logs--Sends Logs-->aws-logs-agent logs--Sends Performance Metrics-->aws-cloudwatch aws-logs-agent--Sends Log Data-->aws-logs aws-console--View Logs-->aws-logs clamav-updates--Security Definition Updates-->clamav clamav--Sends Alerts-->prometheus aide--Sends Alerts-->prometheus logs--Sends Logs-->prometheus snort-updates--Security Definition Updates-->snort snort--Sends Alerts-->prometheus prometheus--Visualizes events-->grafana alb-->grafana alb-->doomsday prometheus--Processes alerts SMTP 587-->Googlegroups Googlegroups-->email UAA-.Authentication.->SAML grafana-.Authorization.->UAA doomsday-.Authorization.->UAA aws-console-."Authentication/Authorization".->aws-iam statuspage-."Authentication/Authorization".->sp-account email-->Ops Ops--HTTPS 443-->zscaler zscaler--HTTPS 443-->alb Ops--HTTPS 443-->aws-console Ops--HTTPS 443-->Googlegroups aws-guardduty--Findings SMTP 587-->Googlegroups aws-cloudwatch-alarms--Alarm Notifications SMTP 587-->Googlegroups aws-cloudwatch-alarms--AWS Login Failure Alerts HTTPS 443-->slack concourse--Pipeline Status HTTPS 443-->slack doomsday--Expiration Warnings HTTPS 443-->slack
Legend
Bidirectional data/information flow
One-directional data/information flow
Data/information request that is system generated
Component ( square corners )
Collections of VMs or containers
Non-VMs / container components ( rounded corners )
User types
External data components
Grouping of components
Back to all diagrams