Difference between revisions of "AWS CloudTrail"

From wikieduonline
Jump to navigation Jump to search
 
(13 intermediate revisions by the same user not shown)
Line 5: Line 5:
 
Features:
 
Features:
 
* Basic funtionality enabled by default
 
* Basic funtionality enabled by default
* you can create a trail that will log events for all AWS accounts in the [[AWS organization]]
+
* Create [[trails]] that will [[log events]] for all AWS accounts in the [[AWS organization]]
 
+
* Encrypted by default Amazon server-side encryption with [[Amazon S3-managed encryption keys]] ([[SSE-S3]])
 +
* Ingest events from a partner or external source
  
 +
Services:
 
* [[AWS CloudTrail Insights]] ([[AWS timeline|Nov 2019]]) <ref>https://aws.amazon.com/blogs/aws/announcing-cloudtrail-insights-identify-and-respond-to-unusual-api-activity/</ref>
 
* [[AWS CloudTrail Insights]] ([[AWS timeline|Nov 2019]]) <ref>https://aws.amazon.com/blogs/aws/announcing-cloudtrail-insights-identify-and-respond-to-unusual-api-activity/</ref>
 
* [[AWS CloudTrail Lake]] ([[AWS timeline|Jan 2022]]) <ref>https://aws.amazon.com/blogs/mt/announcing-aws-cloudtrail-lake-a-managed-audit-and-security-lake/</ref>
 
* [[AWS CloudTrail Lake]] ([[AWS timeline|Jan 2022]]) <ref>https://aws.amazon.com/blogs/mt/announcing-aws-cloudtrail-lake-a-managed-audit-and-security-lake/</ref>
 +
* [[AWS CloudTrail Lake Dashboards]] ([[AWS timeline|Jun 2023]]) <ref>https://aws.amazon.com/blogs/mt/announcing-aws-cloudtrail-lake-dashboards-visualize-and-analyze-cloudtrail-data/</ref>
 +
 +
  
 
* [[Data exfiltration]]
 
* [[Data exfiltration]]
Line 27: Line 32:
 
* Read [[AWS CloudTrail Best Practices]]: https://aws.amazon.com/blogs/mt/aws-cloudtrail-best-practices/
 
* Read [[AWS CloudTrail Best Practices]]: https://aws.amazon.com/blogs/mt/aws-cloudtrail-best-practices/
 
* Read blog: https://aws.amazon.com/blogs/mt/category/management-tools/aws-cloudtrail/
 
* Read blog: https://aws.amazon.com/blogs/mt/category/management-tools/aws-cloudtrail/
* [[Validating CloudTrail log file integrity]]
+
* [[Validating CloudTrail log file integrity]]: <code>[[--enable-log-file-validation]]</code>
 +
* [[Enabling CloudTrail event logging for S3 buckets and objects]]
  
 
== Related terms ==
 
== Related terms ==
Line 43: Line 49:
 
* [[AWS compliance]]
 
* [[AWS compliance]]
 
* [[AWS Governance]]
 
* [[AWS Governance]]
 +
* [[AWS Audit Manager]]
 +
* [[aWSCloudTrail_FullAccess]]
 +
* [[Datadog SIEM Content Packs for Cloudtrail]]
 +
* [[Logging All Lambda Function Invocations By Using Basic Event Selectors]]
  
 
== See also ==
 
== See also ==
 +
* {{aws cloudtrail events}}
 
* {{aws cloudtrail}}
 
* {{aws cloudtrail}}
 
* {{CloudTrail}}
 
* {{CloudTrail}}

Latest revision as of 15:19, 24 September 2024

wikipedia:AWS CloudTrail [1] (Nov 2013) is a web service that records API calls made on your account and delivers log files to your AWS S3 bucket every 5 minutes[2]. Third party products such as CloudCheckr and Splunk can help you to analyze logs. Basic functionality of AWS CloudTrail is enabled on all AWS accounts by default and records up to 90 days of your account activity upon account creation by creating a trail you can extend retention period.

Features:

Services:


Pricing[edit]

Change log[edit]

Activities[edit]

Related terms[edit]

See also[edit]

  • https://aws.amazon.com/es/about-aws/whats-new/2013/11/13/announcing-aws-cloudtrail/
  • https://aws.amazon.com/cloudtrail/faqs/#Event_payload.2C_timeliness.2C_and_delivery_frequency
  • https://aws.amazon.com/blogs/aws/announcing-cloudtrail-insights-identify-and-respond-to-unusual-api-activity/
  • https://aws.amazon.com/blogs/mt/announcing-aws-cloudtrail-lake-a-managed-audit-and-security-lake/
  • https://aws.amazon.com/blogs/mt/announcing-aws-cloudtrail-lake-dashboards-visualize-and-analyze-cloudtrail-data/
  • https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/BidEvictedEvent.html
  • Advertising: