Posted On: Apr 19, 2022

Amazon Redshift now offers new enhancements for Audit Logging, which enables faster delivery of logs for analysis by minimizing latency while also adding Amazon CloudWatch as a new log destination. With this release, customers can choose to stream audit logs directly to Amazon CloudWatch, which enables customers to perform real-time monitoring.

Amazon Redshift provides customers the ability to generate audit logs to help meet security, compliance and diagnostic needs. AWS ran an internal test which showed the new enhancements to Audit Logging reduces the latency associated with delivering log data to Amazon S3 from up to 24 hours to less than 2 hours. By adding Amazon CloudWatch as a log destination, the latency of logs delivery is further reduced to less than 2 minutes. You can enable audit logging to Amazon CloudWatch via the AWS Management Console, API, or CLI. If you change the log destination from Amazon S3 to Amazon CloudWatch, you can still query the log data in the Amazon S3 buckets where it resides, and you will still be able to get your logs in the Amazon S3 bucket by using CloudWatch export to Amazon S3 feature.

Amazon Redshift enhancements for Audit Logging is available in all AWS commercial regions where Amazon Redshift is available. See AWS Region Table for more details. You can find more information about Audit logging from the Redshift cluster management guide.