Stack Overflow
Stack Overflow

Questions tagged [amazon-cloudtrail]

Monitor AWS deployments in the cloud by getting a history of AWS API calls for the AWS account, including API calls made via the AWS Management Console, the AWS SDKs, the command line tools, and higher-level AWS services. Identify which users and accounts called AWS APIs for services that support CloudTrail, the source IP address the calls were made from, and when the calls occurred.

293 questions
0
votes
1 answer

Can you send custom trail to a cloud trail?

I want to create a log for every request on the api that we are using. Can you send custom trails to the cloud trail to have a breadcrumb on every request? I connected the serverless lambda with the cloud trail and it is giving me a "trail" but…
mutedeuphonies
  • 343
  • 1
  • 15
0
votes
1 answer

How to get the "resource name" while using the AWS CloudTrail processing library

I am using the AWS CloudTrail processing library to pull Cloudtrail logs from AWS. In the screenshot image of event history below (taken from the CloudTrail web console), the name of the bucket affected by a change is reflected under the column:…
SyCode
  • 1,077
  • 4
  • 22
  • 33
0
votes
1 answer

How to update Mapping

How can I update index mapping to include the following field doc_as_upsert : true My logstash ingesting cloudtrail logs from s3 is showing the following on the log Could not index event to Elasticsearch. {:status=>400, :action=>["index",…
tripleb
  • 67
  • 2
  • 2
  • 10
0
votes
0 answers

cloudtrail logstash mapper_parsing_exception status 400

How can I update logstash or elasticsearch template so I can avoid this mapper_parsing_exception error showing on the logstash server. Trying to elk for aws cloudtrail logging but seem to be hitting road block every single step. I also understand…
tripleb
  • 67
  • 2
  • 2
  • 10
0
votes
2 answers

Using boto3 to query AWS CloudTrail to determine which IAM user uploaded a file to S3?

I'm trying to develop a way of breaking down S3 by which users/projects using CloudTrail. Does CloudTrail offer the ability to see which IAM user uploaded a a particular object to a bucket? UPDATE: I have a CloudTrail turned on that monitors…
claudiadast
  • 591
  • 3
  • 11
  • 33
0
votes
1 answer

track user activity with aws cloudtrail

I am new to AWS. Can anyone please tell me how to track user activities like login, logout, other stuff etc in AWS CloudTrail. Also, I need to mention that I want to track all users activities which are in my group. Please help. Also, what kind of…
SONIA SINGH
  • 11
  • 1
0
votes
1 answer

AWS CloudTrail not logging CloudFront distribution ID after deployment

I have created a trail to log all the events happens in AWS, But the trail not logging the ID of CloudFront distribution after deployment successfully. Here is a snippet of output trail logged on create distribution. ( [EventId] =>…
Rahul Gaikwad
  • 563
  • 4
  • 9
  • 26
0
votes
1 answer

AWS Lambda CloudTrail Events SAM Mapping

Could you please provide information/link how can I create next via AWS SAM: 1. Go to services → CloudWatch → Rules → click on Create rule . 2. Event Source → choose Event Pattern → select CloudWatch Logs in Service Name , AWS API Call via…
Max Vinogradov
  • 1,343
  • 1
  • 13
  • 31
0
votes
0 answers

Will we get exact time a configuration change happened using AWS Config service?

From the docs I find that we get configurationItemCaptureTime for every configuration change that happens. For eg., I created a volume at 5:46, but the SNS event had configurationItemCaptureTime which is 5:53. Maybe this is because the system took…
Harish Kayarohanam
  • 3,886
  • 4
  • 31
  • 55
0
votes
1 answer

How to enable AWS EMR CloudTrail logging?

We have a team shared AWS account, that sometimes things are hard to debug. Especially, for EMR APIs, throttling happens regularly, that it'll be nice to have CloudTrail logs tell people who is not being nice when using EMR. I think our CloudTrail…
Pen2
  • 23
  • 7
0
votes
3 answers

Getting Cloudtrail Cloudwatch Events Working

Im attempting to process cloudwatch events, specifically cloudtrail ones since I am deploying into us-east-1 but would like to get events from all regions. Everything deploys, but the events are not triggering the lambda. My cloudtrail is configured…
Justin Seiser
  • 359
  • 1
  • 3
  • 13
0
votes
0 answers

MySQL event to delete table data older than 10 minutes?

I have the following table created : CREATE TABLE Trailtbl( userid char(50), action varchar(150), timestamp varchar(30), service char(20), resources varchar(200), accountid varchar(30), awsregion varchar(20), roleid varchar(100), eventid…
FCoding
  • 121
  • 1
  • 4
  • 13
0
votes
1 answer

AWS/CloudTrail - Why its not mentioned in AWS Namespaces?

Clearly AWS/Cloudtrail is available in AWS NameSpace as shown in screenshot below: URL: https://docs.aws.amazon.com/sdkfornet1/latest/apidocs/html/N_Amazon_CloudTrail.htm Why is it not provided in official documentation list of AWS namespaces? URL:…
Pavan Rao
  • 411
  • 1
  • 8
  • 30
0
votes
1 answer

How to read cloudTrail logs using AWS SDK in PHP

I am new to AWS SDK APIs. I have a s3 bucket(my-bucket) used for my client to download files from there. I have a Trail(my-trail) used to deliver logs into another s3 bucket(my-bucket-logs) whenever my client download files from the "my-bucket". I…
Aefits
  • 3,399
  • 6
  • 28
  • 46
0
votes
2 answers

how to get email notification when ec2 instance with particular tag is terminated in AWS

I have cloudtrail setup and i am sending trail events to cloudwatch logs group and i setup cloudwatch alarm with metrics filter { ($.eventName = RebootInstances) || ($.eventName = StopInstances) || ($.eventName = TerminateInstances) } to invoke SNS…
Nani
  • 117
  • 1
  • 12
1 2 3
19 20