Amazon CloudWatch launches unified management and analytics for operational, security, and compliance data
Amazon CloudWatch now provides new data management and analytics capabilities that allow you to unify operational, security, and compliance data across your AWS environment and third-party sources. DevOps teams, security analysts, and compliance officers can now access all their data in a single place, eliminating the need to maintain multiple separate data stores and complex (extract-transform-load) ETL pipelines. CloudWatch now offers greater flexibility in where and how customers gain insights into this data, both natively in CloudWatch or with any Apache Iceberg-compatible tool.
With the unified data store enhancements, customers can now easily collect and aggregate logs across AWS accounts and regions aligned to geographic boundaries, business units, or persona-specific requirements. With AWS Organization-wide enablement for AWS sources such as AWS CloudTrail, Amazon VPC, and Amazon WAF, and managed collectors for third party sources such as Crowdstrike, Okta, Palo Alto Networks, CloudWatch makes it easy to bring more of your logs together. Customers can use pipelines to transform and enrich their logs to standard formats such as Open Cybersecurity Schema Framework (OCSF) for security analytics, and define facets to accelerate insights on their data. Customers can make their data available in managed Amazon S3 Tables at no additional storage charge, enabling teams to query data in Amazon SageMaker Unified Studio, Amazon Quick Suite, Amazon Athena, Amazon Redshift, or any Apache Iceberg-compatible analytics tool.
To get started, visit the Ingestion page in the CloudWatch console and add one or more data sources. To learn more about Amazon CloudWatch unified data store, visit the product page, pricing page, and documentation. For Regional availability, visit the AWS Builder Center.