Stack Overflow
Stack Overflow

Questions tagged [amazon-cloudtrail]

Monitor AWS deployments in the cloud by getting a history of AWS API calls for the AWS account, including API calls made via the AWS Management Console, the AWS SDKs, the command line tools, and higher-level AWS services. Identify which users and accounts called AWS APIs for services that support CloudTrail, the source IP address the calls were made from, and when the calls occurred.

293 questions
1
vote
1 answer

Is it possible to write cloudtrail logs to an s3 bucket in another, third-party AWS account?

Is it possible to write cloudtrail logs to an s3 bucket in another, third-party AWS account? Want to configure CloudTrail to write the logs to an S3 bucket owned by another AWS account. Is this possible?
Alex
  • 35
  • 1
  • 5
1
vote
0 answers

Trigger AWS Lambda function whenever a file is added to AWS FSX

I would like to trigger an AWS Lambda Function whenever a new file is added to AWS FSX. This is in order to perform an action on the file using to the Lambda function that gets notified. While considering AWS cloudtrail, Eventbridge and Cloudwatch…
Taiwotman
  • 885
  • 14
  • 27
1
vote
1 answer

Pseudo parameter in cloudformation

I'm using the below simple template and trying to list the region in parameter section using Pseudo parameter AWS::Region, however getting the below error while trying to update the stack : Failed to retrieve external values Image posted here [1]:…
Phil
  • 57
  • 5
1
vote
1 answer

How to recover deleted table from Glue Data Catalog AWS

I've deleted a table from the Glue Data Catalog but I want to restore it. I already track the event in CloudTrail but I don't know how to restore it.
Edwar Macias Toro
  • 11
  • 2
1
vote
0 answers

AWS CloudTrail: log getObject calls in specific S3 directory

I'm trying to create a CloudTrail log for getObject calls to all files within a specific "directory" (I know) within S3. Unfortunately so far no logs have appeared at all after a few days. These files are accessed by their public URL, and I'm…
syberen
  • 649
  • 5
  • 17
1
vote
0 answers

AWS Cloudtrail - lookup-events for a specific trail

How to lookup-events given a AWS CloudTrail name (/arn) ? From AWS CloudTrail API documentation,I could not figure out if this feature is supported. If there are multiple trials how does CloudTrail lookup-events work (or not)?
Jason B
  • 21
  • 7
1
vote
0 answers

Monitoring events in AWS CloudTrail

I am working for a solution to monitor events the below, whenever this event occurs, send an email to a few users:- Start / Stop / Terminate Instances => **I was able to get this done using EventBridge by providing the predefined event pattern…
Shankar
  • 626
  • 7
  • 19
1
vote
1 answer

The AWS KMS key policy does not grant CloudTrail sufficient access multiple accounts

I am trying to configure a CloudTrail in a master AWS account and an AWS s3 bucket in a logging account. I've configured the s3 bucket policy in the logging account such that the master account CloudTrail resource has access to write to it. However,…
Evan Gertis
  • 1,796
  • 2
  • 25
  • 59
1
vote
2 answers

How to implement centralized Logging for an AWS Organization Account

I am working on a project to centralize our AWS Security Logs. The issue that we are running into is that we have just enabled organization level logging. Previously, our we our security terraform to each individual aws account. Now we are following…
Evan Gertis
  • 1,796
  • 2
  • 25
  • 59
1
vote
2 answers

AWS QuickSight Report for web application users using AWS Cognito logs with CloudTrail

We are using AWS Cognito service for our web application for authentication. We want create report in AWS QuickSight for auditing Login, Logout and Forgot Password events for all the application users. So we have enabled CloudTrail Logs and created…
aws_ik
  • 11
  • 1
1
vote
1 answer

AWS Cloudtrail Insights vs AWS Macie vs AWS GuardDuty

My understanding of all three is that they look for patterns in events and logs to determine if there is a potential security flaw. Another question touches upon this but somewhat unsatisfactory. What I got from that reply was: ... GuardDuty is…
Frankster
  • 653
  • 7
  • 26
1
vote
1 answer

Techniques for AWS CloudTrail and VPC Flow log S3 archival

Following AWS-recommended best practices, we have organization-wide CloudTrail and VPC flow logging configured to log to a centralized logs archive account. Since CloudTrail and VPC flow are organization-wide in multiple regions, we're getting a…
Jordan
  • 3,998
  • 9
  • 45
  • 81
1
vote
1 answer

Getting error to create Config remediation rule through Cloudformation (yaml)

I am getting error in the last parameter where I have to mention the value of TrailName and KMSKeyId. Both of these are getting incorrect while creating CFT from yaml file. The exact error is : (Service: AmazonConfig; Status Code: 400; Error Code:…
Sanyam Grover
  • 100
  • 1
  • 8
1
vote
1 answer

Can CloudTrail Log SQS ReveiceMessage and SendMessage Events in Event History?

I have CloudTrail logging my SQS queue's events, but the only SQS related events I see are CreateQueue and DeleteQueue. I am trying to have CloudTrail log ReceiveMessage and SendMessage SQS events as well. From my research, I am find both answers…
dmoini
  • 313
  • 2
  • 15
1
vote
0 answers

S3 - Cloudtrail logs cannot log upload object event

I created an S3 bucket then created a Cloudtrail trail for it. I set the trail to record Data Events with this configuration eventName startsWith Put eventName startsWith Delete resources.ARN I tried uploading files to my bucket via the Java…
Xmus Jackson Flaxon Waxon
  • 69
  • 6
1 2 3
19 20