Stack Overflow
Stack Overflow

Questions tagged [amazon-cloudtrail]

Monitor AWS deployments in the cloud by getting a history of AWS API calls for the AWS account, including API calls made via the AWS Management Console, the AWS SDKs, the command line tools, and higher-level AWS services. Identify which users and accounts called AWS APIs for services that support CloudTrail, the source IP address the calls were made from, and when the calls occurred.

293 questions
3
votes
1 answer

Validation error in aws cloudwatch events rule?

I am triggering my codebuild using codebuild triggers feature with an cron expression cron(*/2 * * * ? *) which triggers for every 2 minutes . Unfortunately, this didn't run after 2 minutes when i checked the cloudwatch show metrics i can see that…
Private
  • 1,661
  • 1
  • 20
  • 51
3
votes
1 answer

Elasticsearch tried to parse field [null] as object, but found a concrete value

How can I change mapping to resolve these error, new to elastic stack ` [logstash.outputs.elasticsearch] Could not index event to Elasticsearch. {:status=>400, :action=>["index", {:_id=>nil, :_index=>"cloudtrail-2018.10.08", :_type=>"doc",…
tripleb
  • 67
  • 2
  • 2
  • 10
3
votes
1 answer

Can we fetch AWS Cloudtrail logs using boto3 in python?

Is there a way to get logs/events from CloudTrail by using boto3 in python? How?
FCoding
  • 121
  • 1
  • 4
  • 13
3
votes
1 answer

Download and decrypt encrypted AWS CloudTrail log in the bucket

I am trying to download CloudTrail's log file that is stored in a S3 bucket but when I received the file it is unreadable until I realize that it could be encrypted as per say here and I don't know how to decrypt the file. Here is my code: …
Ihsan Haikal
  • 1,085
  • 4
  • 16
  • 42
3
votes
1 answer

AWS: Cloudformation script create S3 bucket for CloudTrail based on conditionals

I am trying to create a CloudFormation Script that will enable CloudTrail, and give the user an option to either create a new S3 bucket and use that, or use a currently existing S3 bucket. I'm new to AWS, so I'm a little lost. Here is some code I…
flyingcars34
  • 353
  • 4
  • 18
3
votes
2 answers

AWS CloudTrail Create API for Go SDK throwing error mesage "InsufficientS3BucketPolicyException: Incorrect S3 bucket policy is detected for bucket: "

I am trying to create a cloudtrail using Go SDK. Successfully able to connect AWS without any issue by following AWS doc. I Followed below steps for creating a trail Step1 - Created S3 Bucket, so that all trail log files can be placed in this…
ruman hassan
  • 59
  • 2
  • 9
2
votes
1 answer

Sent Org CloudTrail logs to CloudWatch to Non-Managment Account

I have an Organization setup in AWS and have a Management account and also a Sec Account. I have Delegated Admin of CloudTrail from the Management account to the Sec Account. In the Sec account I then setup an Organization CloudTrail and all logs…
alexis
  • 1,022
  • 3
  • 16
  • 44
2
votes
1 answer

Resource handler returned message: "invalid request provided: AWS::Logs::MetricFilter"

I am trying to set up a system in my log archive account that will send me an email notification when the RootTest IAM role is used to access my QA account. To do this, In my log archive account, I am using CloudFormation to create a log group…
Man Vinayaka
  • 21
  • 1
2
votes
1 answer

Getting Cloudwatch to send CreateLogGroup messages to EventBridge

I want CloudWatch to send CreateLogGroup messages to EventBridge. I understand this is possible, but also that Cloudwatch doesn't seem to send these messages by default. It seems you have to configure CloudTrail to get it to forward the message. But…
Justin
  • 4,649
  • 6
  • 33
  • 71
2
votes
1 answer

Getting details from cloudtrail

I must be missing something obvious. But I am not able to get the details of the error. There is no way to know exact error returned by lambda.
shantanuo
  • 31,689
  • 78
  • 245
  • 403
2
votes
2 answers

S3 Logs Details

Is there a way to see what actions the 'G2' IAM user is performing in S3, and which IP(s) they are running from? I have already enabled the logging of S3 actions. One point I’m still not able to figure out is that when I’m trying to find logs in…
samtech 2021
  • 59
  • 5
2
votes
1 answer

Cloudtrail not logging my s3 bucket events

I created a trail with data events: But when I go into the management console and upload a file to any s3 bucket, i cannot see the PutObject Event anywhere in cloudtrail: What am I missing?
David
  • 2,926
  • 1
  • 27
  • 61
2
votes
1 answer

Aws mismatch region

I have Instance which is in Ireland ,But in cloud trail it is showing the differnet region N.Virginai. Event Name:AssumeRole. Can anyone tell me why it is showing different region in cloud trail log
Hacker
  • 49
  • 4
2
votes
0 answers

Is it possible to get logging into CloudTrail/CloudWatch from AWS cognito user pools with the hosted UI?

I've been looking at events from cognito in cloudtrail, and I get several of them, but not all. After finding this article, it states: Hosted UI and Federation calls are currently not included in CloudTrail logging events. If it's still not…
Joe
  • 112
  • 7
2
votes
3 answers

How to Detect Someone Erasing Cloudtrail Logs

I'd like to monitor for anyone trying to erase logs from my CloudTrail's S3 Bucket. I have tried deleting myself with my own IAM User one of the logs on this bucket but CloudTrail itself didn't seem to notice I have erased an object from it's…
Exiett
  • 77
  • 7
1 2
3
19 20