To discover non-native data services (i.e., an Oracle Database) running on top of EC2 instances, Open Raven fingerprints servers using a proprietary machine-learning technology called DMAP (to see it, click on "Scanner Settings" under "Configuration.") Open Raven does this by executing a number of Lambda functions in each AWS region where Assets were discovered.
The number of Lambda functions that may be created at any time depends on:
- The number of AWS Assets to scan.
- How often these Assets change (and how quickly Open Raven detects those changes).
As each Lambda function uses an elastic network interface that has a quota, and both the Lambda function and network interface are consumption-charged, these values should be set conservatively, at least initially.
Setting the Scan Quota per Region value sets the number of concurrent scans Open Raven will run. On the other hand, the Scan Interval is how often DMAP looks for newly discovered EC2 instances to process.
When scanning is enabled, Open Raven will always schedule a full DMAP scan at 3 am UTC.
Updated 9 months ago