Nic Acton
  • My Gitbook
  • My Favorite Things
    • Podcasts
    • Newsletters
  • Monthly Summaries
    • May 2019
    • June 2019
  • Cloud Computing
    • Cloud Concepts
    • AWS
      • Certified Solutions Architect
      • Well Architected Framework
        • Operational Excellence
        • Reliability
        • Performance Efficiency
        • Cost Optimization
        • Security
      • Analytics
        • Elasticsearch Service
        • Kinesis
        • Elastic MapReduce (EMR)
      • Compute Services
        • Elastic Beanstalk
        • Elastic Container Service (ECS)
      • Deployment
        • CloudFormation
      • Application Services
        • Key Management Service (KMS)
        • Simple Queue Service (SQS)
        • API Gateway
        • Simple Work Flow (SWF)
        • Amazon MQ
        • Simple Notification Service (SNS)
      • Simple Storage Service (S3)
        • Macie
      • Databases
        • RDS
        • DynamoDB
        • ElastiCache
        • Neptune
        • Redshift
      • Cloudfront
      • IAM
      • Monitoring
        • Trusted Advisor
        • Amazon Inspector
        • AWS Config
        • AWS Shield
        • CloudWatch
          • VPC Flow Logs
        • CloudTrail
        • Guard Duty
      • Route53
      • Serverless Architectures
        • Lambda
      • VPC
        • Highly Available & Fault Tolerant VPCs
        • Hybrid Environments
          • VPC Peering
          • Direct Connect
        • Cloud HSM
    • GCP
    • Azure
    • HashiCorp
    • Red Hat
      • RHEL
        • Basics
        • Grep & Regex
        • SSH
      • Ansible
    • Tutorials/Guides
      • Linux
        • Admin
  • Software Engineering
    • Machine Learning
      • Deep Learning
        • Tensorflow
      • Training and Loss
    • Programming
      • APIs
    • Security
    • Web Development
      • OSI 7 Layer Model
    • Tutorials/Guides
      • Apache Server
    • Virtualization
      • Virtual Machines
      • Containers
      • Serverless
  • Fitness
    • Nutrition
      • Diets
      • Macronutrients
      • Supplements
      • Miscellaneous
    • Strength Training
    • BodyBuilding
  • Miscellaneous
    • Technology Ethics
      • Education
    • Interesting Concepts
      • Libertarian Paternalism
Powered by GitBook
On this page
  • Essentials
  • CloudWatch Logs Integration

Was this helpful?

  1. Cloud Computing
  2. AWS
  3. Monitoring

CloudTrail

API Logging as a Service

Essentials

  • An API logging service that logs API calls made to AWS

  • It does not matter if the API calls came from the command line, an SDK, or the console

  • All created logs are placed into a designated S3 bucket - so they are highly available by default

    • Cross-account buckets for multiple accounts

    • Limit access!

    • Encrypted

  • Cloudtrail logs help when addressing security concerns, by allowing you to view what actions users on your AWS account have performed

  • Since AWS is just one big API - CloudTrail can log every configuration change in your account

  • Has to be enabled for each region

CloudWatch Logs Integration

  • Sends CloudTrail Events to CloudWatch Logs

  • Define custom metrics and alarms

    • Security Group and NACL Changes

    • VPC Changes

    • Failed Console Login Attempts

    • Failed API Authorizations

    • IAM Changes

PreviousVPC Flow LogsNextGuard Duty

Last updated 5 years ago

Was this helpful?