Posted On: Jun 13, 2023

AWS CloudTrail Lake, a managed data lake that lets organizations aggregate, immutably store, and query their audit and security logs for auditing, security investigations and operational troubleshooting, announces the general availability of CloudTrail Lake dashboards. CloudTrail Lake dashboards provide out-of-the-box visibility for top trends from your CloudTrail data directly within the CloudTrail Lake console. It also offers the flexibility to drill down into additional details such as specific user activity for further investigation needs using CloudTrail Lake SQL queries. Auditing and compliance engineers can use the CloudTrail Lake dashboards to track progress of compliance mandates such as migration to TLS 1.2 and beyond. CloudTrail Lake dashboards will help security engineers closely track sensitive user activities such as deletion of trails or repeated access denied errors. Cloud operation engineers can get visibility to issues such as top service throttling errors from the curated dashboard.

To get started with CloudTrail Lake dashboards, you need to create at least one CloudTrail Lake event data store in your AWS account. Once you activate dashboards, you will see the curated dashboard widgets for the selected event data store in your console. From the dashboard, you can go to the corresponding SQL query and customize the query for further analysis. 

This capability is now available in all commercial and AWS GovCloud (US) Regions where CloudTrail Lake is available. Enabling CloudTrail Lake dashboards will result in CloudTrail Lake query charges. Refer to CloudTrail pricing for details. To learn more about CloudTrail Lake dashboards, visit the documentation.