0

I am new to AWS CloudTrail. I have gone through number of aws docs and unable to figure out how to read cloudtrails last 7 days logs through program without configuring trail or without getting charged.

I want to write a java program which will read audit logs from aws and process those logs. I know we can create trail and we can read logs from aws s3 bucket using program, but I don't know how to read logs using aws sdk api for last 7 days like how we get logs on aws console ( we can read last 7 days audit logs free of cost.).

We can get this done using - cloudtrail-processing-library, but the properties/conf file for this lib requires sqs url as argument which i don't have, rather I don't know.

Please assist me so that I can write java program.

Regards, Sachin

Sachin Patil
  • 1
  • 5

2 Answers2

0

You can use the lookupEvents API in cloudtrail for getting the list of events (any create/update/delete operations). http://docs.aws.amazon.com/AWSJavaSDK/latest/javadoc/com/amazonaws/services/cloudtrail/AWSCloudTrail.html#lookupEvents-com.amazonaws.services.cloudtrail.model.LookupEventsRequest

arbit
  • 1
  • Thank you very much for the reply. I am new to aws sdk can you give sample code to lookup events, that would be great help. – Sachin Patil Nov 22 '17 at 06:03
0

The logs are stored in a S3 bucket and you can use AWS athena to process and query the logs if you want, so you don't have to write a Java program. If you do then that program will need IAM privileges to read from the S3 bucket that stores the logs.

AWS Athena

How to find your Cloud trail logs

Java code examples on S3 bucket objects

Java Cloudtrail SDK reference

strongjz
  • 4,271
  • 1
  • 17
  • 27
  • Thank you very much for the reply! I haven't configured/created cloud trail, so my logs are not stored in aws s3 bucket. Without configuring/creating cloud trail, we can read last 7 days management logs through console. I want to write java program to read 7 days logs without creating/configured trail. I have created IAM user and I have authentication key and secret for user which can read cloud trail logs. I think I need to write java program using AWSCloudTrailClient class. Just searching sample java code with this class - AWSCloudTrailClient. Regards, Sachin – Sachin Patil Nov 22 '17 at 14:57