Questions tagged [amazon-cloudtrail]

Monitor AWS deployments in the cloud by getting a history of AWS API calls for the AWS account, including API calls made via the AWS Management Console, the AWS SDKs, the command line tools, and higher-level AWS services. Identify which users and accounts called AWS APIs for services that support CloudTrail, the source IP address the calls were made from, and when the calls occurred.

293 questions
1 vote, 0 answers

AWS CloudTrail: deliver filtered logs to CloudWatch Logs without writing to S3 bucket

AWS CloudTrail provides with management API calls bulk logging, but logs are monstrous, only viewable & downloadable. There is also the option to set multi- or single-regional single- or cross-account "Trails", which can log only a) system…
1 vote, 0 answers

Sending Cloudtrail gzip logs from S3 to ElasticSearch

I am relatively new to the whole of the ELK set up part, hence please bear along. What I want to do is send the cloudtrail logs that are stored on S3 into a locally hosted (non-AWS I mean) ELK set up. I am not using Filebeat anywhere in the set up.…
qre0ct
1 vote, 1 answer

Parsing Dictionary Response in AWS Lambda

I'm attempting to create an AWS Lambda function that consumes CloudTrail events via an S3 trigger. This function will alert on the deletion of CloudWatch logs. The events: 'eventSource': 'logs.amazonaws.com' and 'eventName':…
1 vote, 0 answers

Cloudtrail logs to AWS Elasticsearch

Attempting to get CloudTrail logs of multiple AWS accounts from S3 into Elasticsearch, and things appear to be working on and off until now, where everything ground to a halt, and an error is shown…
1 vote, 0 answers

Trigger lambda on ECR PutImage event

I'm having trouble understanding why a Cloudwatch event rule is not firing. I've followed this related question and did the following. Created a Cloudtrail which sends events to a Cloudwatch log Created the following CloudWatch event rule: { …
rix
1 vote, 1 answer

CloudFormation Bucket Policy- Missing required field "Effect"

I have the following code which I'm trying to deploy to CloudFormation. For some reason, it insists that I'm missing a crucial element in my template. I only started getting this error since I modified the bucket policy in the resource…
1 vote, 1 answer

AWS CloudWatch Events trigger SNS on STS role assuming for cross account

I have a cross-account architecture and I'm setting up a CloudWatch event for the STS role assuming into another account. I have CloudTrail enabled on the account, the logs from CloudTrail are stored in a separate accounts s3 bucket. The SNS feeds…
1 vote, 1 answer

Setup CloudTrail for SQS events

I was following https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/logging-using-cloudtrail.html doc to pass SQS management events to CloudTrail. I did not get any particular step to set it up specifically for SQS. After…
user958573
1 vote, 1 answer

Create CloudWatch Alarm to notify about setting a S3 object to public

I want to create on CloudWatch a metric filter and an alarm based on it to notify me about S3 events, especially when a file or a bucket is set to public. This is the metric filter I used to create the metric: { ($.eventSource = s3.amazonaws.com) &&…
1 vote, 1 answer

Parse CloudTrail logs with Python

I'm working on a lambda function that gets events from CloudTrail and analyse them. I have this script: s3.download_file(bucket, key, download_path) with gzip.open(download_path, "r") as f: data = json.loads(f.read()) …
Souad
1 vote, 1 answer

Sending SNS notifications when there is an IAM Change

I set an SNS notification to send me an email whenever there is a change regarding the IAM policies. When a change occurs, CloudTrail sends a Log to CloudWatch which triggers an alarm attached to an SNS topic. More details in this link. Here is an…
1 vote, 1 answer

Datadog - Lambda integration

I have an AWS Lambda function which filters AWS log events from CloudTrail and gives only my AWS role's events. Can I send these records only to Datadog? Is there an API in which I can pass these filtered events directly?
1 vote, 3 answers

CloudFormation CloudTrail S3 Policy Error - Incorrect S3 bucket policy is detected for bucket

Thanks in advance! I've been stuck on this all weekend.. I'm attempting to create a cloudtrail service in cloudformation but receive this error when ran - Incorrect S3 bucket policy is detected for bucket: s3bucket-xxxxxx Here's my code;…
1 vote, 1 answer

how to make cloud trail log files publicly readable

Cloud trail is keeping all its log file in S3 bucket. Bucket's Permission: Object Access is set to "Read" for Everyone When you click on bucket and you reach the point where you see your log file. then we see file's Permission: Object Access is not…
1 vote, 0 answers

Logging AWS ElasticTranscoder Job statuses

I have an AWS ElasticTranscoder setup which upon receiving jobs, produces status event messages for each job ('Progressing', 'Error', 'Warning' etc) to SNS. The SNS is hooked to a SQS queue which is consumed by my consumer service. I want to log the…