Skip to main content

Events

The Events page is a chronological timeline of what changed in your AWS environment from GuardKite's point of view. Open it when you want to answer "what's new since I last looked?" or "when did this break?"

Events are grouped by day, in reverse chronological order. Each event records what type of change occurred, which resource or finding it affected, and when.

Event types you may see:

  • A new finding opened (a previously-passing check now fails for a resource).
  • An existing finding closed (the same check now passes — usually a remediation landed).
  • A scan completed for an account.
  • A new AWS account was connected.
  • An attack path was snoozed or un-snoozed.

Use the Refresh button to pull the latest events without reloading.

Patterns worth recognizing:

  • A burst of new findings — usually a recent deployment regressed your posture.
  • A long streak of closures — the team is making progress on a backlog.
  • A gap in scans — likely means an account is disconnected.

Click through from an event to the relevant finding or path. The Events page itself is deliberately lightweight; the detail pages are where the real work happens.