Posted On: Jan 31, 2023
AWS CloudTrail Lake now supports ingesting activity events from non-AWS sources, making CloudTrail Lake a single location to immutably store user and API activity events for auditing and security investigations across AWS and hybrid environments. You can consolidate activity events from AWS and non-AWS sources – such as in-house applications and SaaS applications running in the cloud or on-premises – without having to maintain multiple log aggregators and analysis tools. CloudTrail Lake records all events in a prescribed CloudTrail schema, immutably stores them for up to seven years, and provides an integrated SQL experience to query your activity events. This makes it easier for you to manage and diagnose security, audit, and operational incidents in AWS and hybrid environments.
With this launch, AWS CloudTrail Lake has added 15 new integration partners which are: Cloud Storage Security, Clumio, CrowdStrike, CyberArk, GitHub, Kong Inc, LaunchDarkly, Netskope, Nordcloud, MontyCloud, Okta, One Identity, Shoreline.io, Snyk, and Wiz. You can find and add partner integrations to start receiving activity events from these applications in a few steps using the CloudTrail console, without having to build and maintain custom integrations. For sources other than the available partner integrations, you can use the new CloudTrail Lake APIs to set up your own integrations and push events to CloudTrail Lake. To get started, see Working with CloudTrail Lake in the CloudTrail User Guide. For partners interested in building an integration, see the CloudTrail Partner Onboarding Guide.
This capability is a feature of CloudTrail Lake. For pricing details, see CloudTrail pricing. This new feature is available in all AWS Regions where CloudTrail Lake is available.