Posted On: Nov 10, 2014
We are excited to announce the integration of AWS CloudTrail with Amazon CloudWatch Logs. Now you can receive SNS notifications from CloudWatch about specific API activity captured by CloudTrail, such as when Security Groups or Network ACLs are created, updated, or deleted.
After you turn on CloudTrail integration with CloudWatch Logs, which you can do from the CloudTrail console or using the AWS SDKs or AWS CLI, CloudTrail begins to continuously and automatically deliver all the CloudTrail events associated with API activity to a CloudWatch Logs log group you specify. In the CloudWatch console, you can create metric filters, assign a CloudWatch metric, and create CloudWatch alarms to receive notification about specific API activity. For examples of creating CloudWatch alarms for critical security and network API activity such as changes to Security Groups, and Network ACLs, go to the CloudTrail documentation.
CloudTrail integration with CloudWatch Logs is currently supported in the N.Virginia, Oregon, and Ireland AWS regions, where CloudWatch Logs is supported. More regions will be supported in the future. After you turn on the integration, you incur standard CloudWatch Logs and CloudWatch charges. For more details, go to CloudWatch pricing page.
To turn on CloudTrail integration with CloudWatch Logs, go to the CloudTrail console. For more details, go to the CloudTrail detail page, FAQs and CloudTrail documentation.