AWS – CloudTrail

AWS CloudTrail is a web service that records AWS API calls for your account and delivers log files to you. The recorded information includes the identity of the API caller, the time of the API call, the source IP address of the API caller, the request parameters, and the response elements returned by the AWS service.

AWS CloudTrail provides a record of your AWS API calls. You can use this data to gain visibility into user activity, troubleshoot operational and security incidents, or to help demonstrate compliance with internal policies or regulatory standards.

This information is collected and written to log files that are stored in an Amazon S3 bucket that you specify.

– Once you have enabled CloudTrail, event logs are delivered every 5 minutes. You can configure CloudTrail so that it aggregates log files from multiple regions into a single Amazon S3 bucket.
– In addition to CloudTrail’s user activity logs, you can use the Amazon CloudWatch Logs feature to collect and monitor system, application, and custom log files from your EC2 instances and other sources in near real time.

Use Cases

  • Security analysis
  • Track changes to AWS Resources
  • Compliance Aid
  • Troubleshoot Operational issues

– By default, CloudTrail log files are encrypted using S3 Server Side Encryption (SSE) and placed into your S3 bucket.

– You can turn on Amazon SNS notifications so that you can take immediate action on delivery of new logs.
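
As an added example (not part of the original post), the Python script below reads one delivered log file and uses the recorded fields described above (caller identity, time, source IP address) for the security-analysis use case. The sample records, the ARNs and trail name, and the choice of which events and error codes to flag are constructed assumptions.

```python
import gzip
import json
from collections import defaultdict

# Constructed sample records (not real account data), using CloudTrail's record field names.
SAMPLE = {"Records": [
    {"eventTime": "2024-01-01T10:00:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "RunInstances", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/alice"},
     "requestParameters": {"instanceType": "t3.micro"}, "responseElements": {}},
    {"eventTime": "2024-01-01T10:02:00Z", "eventSource": "iam.amazonaws.com",
     "eventName": "ListUsers", "sourceIPAddress": "203.0.113.20",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/bob"},
     "errorCode": "AccessDenied", "requestParameters": None, "responseElements": None},
    {"eventTime": "2024-01-01T10:05:00Z", "eventSource": "cloudtrail.amazonaws.com",
     "eventName": "StopLogging", "sourceIPAddress": "192.0.2.44",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/alice"},
     "requestParameters": {"name": "example-trail"}, "responseElements": None},
]}
SAMPLE_BLOB = gzip.compress(json.dumps(SAMPLE).encode())  # log files are gzip-compressed JSON

# Assumption: which events and error codes to flag is this example's choice.
TRAIL_CHANGES = {"StopLogging", "DeleteTrail", "UpdateTrail"}
DENIED = ("AccessDenied", "UnauthorizedOperation")

def load_records(blob):
    """Decompress one delivered log file and return its list of event records."""
    return json.loads(gzip.decompress(blob)).get("Records", [])

def caller(rec):
    """Best available identity for the API caller."""
    ident = rec.get("userIdentity") or {}
    return ident.get("arn") or ident.get("userName") or ident.get("type", "unknown")

def analyze(records):
    """Return (findings, source IPs seen per caller)."""
    findings, ips = [], defaultdict(set)
    for rec in records:
        who, name = caller(rec), rec.get("eventName")
        ips[who].add(rec.get("sourceIPAddress"))
        if any(d in (rec.get("errorCode") or "") for d in DENIED):
            findings.append(("denied", who, name, rec.get("eventTime")))
        if rec.get("eventSource") == "cloudtrail.amazonaws.com" and name in TRAIL_CHANGES:
            findings.append(("trail-change", who, name, rec.get("eventTime")))
    return findings, ips

if __name__ == "__main__":
    for finding in analyze(load_records(SAMPLE_BLOB))[0]:
        print(*finding)
```

The per-caller IP sets returned by `analyze` make it easy to spot one identity calling the API from several addresses, as the constructed `alice` records do.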
