Questions tagged [amazon-cloudtrail]

Monitor AWS deployments in the cloud by getting a history of AWS API calls for the AWS account, including API calls made via the AWS Management Console, the AWS SDKs, the command line tools, and higher-level AWS services. Identify which users and accounts called AWS APIs for services that support CloudTrail, the source IP address the calls were made from, and when the calls occurred.

293 questions
0 votes, 1 answer

Log file upload/deletion actions on Amazon S3 via the management console

Is it possible to log when an upload or deletion of a file happens in S3 via the management console? From what I can tell, CloudTrail allows object level logging of events via API calls, as well as a few management console actions, like signing in…
0 votes, 1 answer

Connecting CloudTrail with OMS Log Analytics

Has anyone imported AWS CloudTrail data into OMS Log Analytics before? Since CloudTrail stores its data in S3 buckets, I would have to believe there is a way to do this.
0 votes, 2 answers

AWS CloudTrail without configuring trail

I am new to AWS CloudTrail. I have gone through a number of AWS docs and am unable to figure out how to read CloudTrail's last 7 days of logs through a program without configuring a trail or without getting charged. I want to write a Java program which will read…
0 votes, 1 answer

AWS Auditor Role - AWSCloudTrailFullAccess Or AWSCloudTrailReadOnlyAccess

For the AWS Auditor role, do we need to provide AWSCloudTrailFullAccess, or is it enough to provide AWSCloudTrailReadOnlyAccess?
Pavan Rao
0 votes, 1 answer

How to create a CloudWatch rule for new security group creation?

I would like to create a CloudWatch rule that monitors and alerts on the creation of new security groups. I thought that the CreateSecurityGroup event is what I was looking for, but no metrics are being created when I create a new security group. …
0 votes, 1 answer

AWS CloudTrail log file cannot be unzipped

I downloaded a CloudTrail GZ file from my S3 bucket, but when I tried to unzip it using the freshly downloaded 7zip, the error message says "cannot open file xxx as archive". I tried to save the log in different S3 buckets. I deleted the trail and…
user788454
0 votes, 1 answer

Getting CloudTrail event to a Lambda function

Is there a way to get event information, specifically the ARN of the service causing the event, to a Lambda function? In my previous question, I asked for some help with using CloudWatch and CloudTrail to get the info. I think it was mostly just an…
0 votes, 1 answer

Receive logs from AWS SNS

I have several CloudWatch filters for CloudTrail logs, for example: { ($.eventName = "ConsoleLogin") && ($.additionalEventData.MFAUsed = "No") } Each filter triggers an alarm and I receive an SNS notification in my mailbox telling me something like…
0 votes, 1 answer

CloudTrail RunInstances event, who actually provisioned EC2 instance when STS AssumeRole used?

My client is in need of an AWS spring cleaning! Before we can terminate EC2 instances, we need to find out who provisioned them and ask if they are still using the instance before we delete them. AWS doesn't seem to provide out-of-the-box features…
buildmaestro
0 votes, 1 answer

CloudTrail to CloudWatch to other account

I have 4 AWS accounts, and I want to centralise all my logs into a single account for security purposes. Meaning collect CloudWatch logs from account prod, dev and perf into an account called logs. Ideally they would end up in CloudWatch in the…
0 votes, 1 answer

Want to aggregate AWS cloudtrails from various accounts to a master AWS account

Got this working with the following solution, but was wondering if there was a better approach. WORKING Solution CustomerA( Cloudtrails ) ---> CustomerA (Cloudwatch ) --> Master ( S3 Bucket ) --> Master ( Lambda ) --> Master( Kinesis ) Tried the…
0 votes, 2 answers

Retrieving Username from CloudTrail logs for RunInstances event

We have a large number of EC2 instances running in AWS for about 1 year. Now we are trying to perform a clean up activity for the unused instances and based on a username using which we have launched instances. I have tried downloading the CloudTrail…
0 votes, 1 answer

Linux ELK server reading cloudtrail logs - troubleshooting issues

Have built an ELK server running on RHEL 7.2 in AWS. The plan is to have it ingest CloudTrail logs from an S3 bucket and then do magic at the Kibana front end, but it's not working and I've lost days of my life trying to work it out, hence why I'm…
0 votes, 2 answers

Get AWS CloudTrail log to Kibana

Is there any better solution to implement to get AWS CloudTrail logs to Kibana? Here I am using ElasticSearch Service from AWS
user60679
0 votes, 1 answer

Not able to get Amazon SNS logs

Below is the log stream I am getting with the CLI command: And I am also getting the log streams as below: But while accessing a log stream I am getting the below error: So could you please help me where I am wrong or why the error is coming.…