Wazuh is a Host-based Intrusion Detection service provided by CloudAware via Kibana platform user interface. Wazuh is available via CloudAware Launcher.
...
Customers may also choose to deploy a hybrid approach where some agents use CloudAware-managed IDS servers and some agents user customer-managed IDS servers.
IDS Status
If Intrusion Detection module is deployed, the tile 'IDS status' on an instance may display 3 values:
- Monitored
- Not monitored
- Under Attack
Change Detection
Cloudaware has two mechanism of detecting change in Cloudaware:
...
...
Why Scanning Is Necessary?
- Not all modifications are captured by Cloudtrail
- Cloudtrail can be turned off by mistake or intentionally
- There is a 15-30 minute delay between a change event and cloudtrail a Cloudtrail record.
- Not all regions including gov regions support Cloudtrail service
Here is a list of services supported by Cloudtrail.
...
More information about AWS CloudTrail is available here.
Cloudaware extends functionality of Cloudtrail by making relevant Cloudtrail data readily available within CMDB. There are 3 key ways in which CloudTrail data can be accessed in Cloudaware:
...
Another powerful way in which CloudTrail events can be utilized is via Cloudaware Reports. Cloudaware come with a powerful report builder where we can zoom in specific CloudTrail events that meet our criteria. Reports can be scheduled, emailed, and converted to dashboards. Here is an example of a Daily Digest Report that summarizes all important changes throughout the day. 
More information about building reports in Salesforce is available here and here.