Posted On: Nov 18, 2022
AWS Audit Manager automatically collects evidence data, via snapshots of user activity or resource configurations, against controls that customers want to evaluate. Now, Audit Manager more easily allows you to sift through thousands of pieces of this collected evidence from multiple disparate sources, using search filters and groupings to identify trends and cross-reference issues. This will help you deep dive into issues identified via flagged compliance checks in the service, either in assessments - an automated data collection process against a specific set of controls - or on the Audit Manager dashboard. With this feature, you can filter and group evidence data using parameters like controls, resource types or resource IDs, service, event names, account IDs, etc. to understand the drivers of the issue. These results can then be exported as audit-ready PDF reports.
To start searching through your evidence, go to the left navigation menu in the Audit Manager console and select the ‘Evidence Finder’ page, choose the assessment and time-range you want to search through, and then select the parameters and filters for your search.
This feature within AWS Audit Manager is available in the following AWS Regions: US East (Ohio, N. Virginia), US West (N. California, Oregon), Canada (Central), Europe (Frankfurt, Ireland, London), and Asia Pacific (Mumbai, Singapore, Sydney, Tokyo).
Enabling this feature triggers ingestion and storage of Audit Manager evidence into AWS CloudTrail Lake. CloudTrail Lake pricing applies. Learn more about this feature in our features page or refer to our documentation. Get started today by visiting the AWS Audit Manager Console, AWS Command Line Interface, or APIs.