AWS Cloud Operations Blog
Category: AWS CloudTrail
Audit and visualize ephemeral EC2 instances using AWS CloudTrail Lake as a zero-ETL data source in Amazon Athena
Today, we are happy to announce that AWS CloudTrail Lake data is now available for zero-ETL analysis in Amazon Athena. AWS CloudTrail Lake is a managed data lake for capturing, storing, accessing, and analyzing user and API activity on AWS for audit, security, and compliance purposes. CloudTrail Lake allows you to easily aggregate activity logs […]
Announcing AWS CloudTrail Lake one-year extendable retention pricing option
In 2022 Amazon Web Services (AWS) released AWS CloudTrail Lake, a managed audit and security lake that allows you to aggregate, immutably store, visualize, and query your activity logs for auditing, security investigation, and operational troubleshooting. Working backwards from our customers we have added capabilities to CloudTrail Lake such as the ability to copy CloudTrail events into […]
Identify AWS Systems Manager Patch Compliance Status with AWS CloudTrail Lake
Security and compliance is a shared responsibility between AWS and the customer. The shared responsibility model outlines responsibilities for Security of the Cloud versus Security in the Cloud. Customers are responsible for Security in the Cloud, which includes patching Amazon EC2 instances. For the customers running workloads on EC2 instances, during security audits, they may be […]
Ingesting activity events from non-AWS sources to AWS CloudTrail Lake
AWS CloudTrail Lake is a managed data lake for capturing, storing, accessing, and analyzing user and API activity on AWS for audit, security, and operational purposes. You can aggregate and immutably store your activity events, and run SQL-based queries for search and analysis. In Jan 2023, AWS announced the support of ingestion for activity events […]
Simplify analysis of AWS CloudTrail data leveraging Amazon CloudWatch machine learning and advanced capabilities
AWS CloudTrail tracks user and API activities across AWS environments for governance and auditing purposes and allows customers to centralize a record of these activities. Customers have the option to send AWS CloudTrail logs to Amazon CloudWatch that simplifies and streamlines the analysis and monitoring of AWS CloudTrail recorded activities. Amazon CloudWatch anomaly detection allows […]
Announcing AWS CloudTrail Lake Dashboards – Visualize and Analyze CloudTrail data
In January 2022, AWS announced general availability of AWS CloudTrail Lake, a managed audit and security lake that allows you to aggregate, immutably store and query activity logs for auditing, security investigation and operational troubleshooting. Since launch, thousands of customers have adopted this feature. We are excited to announce that CloudTrail Lake dashboards are now […]
Estimating AWS Config recorder costs and usage using AWS CloudTrail
AWS Config is a service that tracks configuration changes of AWS resources in your AWS account. AWS Config uses the configuration recorder to create a configuration item whenever it detects a change to a resource type that it is recording. For example, if AWS Config is recording Amazon S3 buckets, AWS Config creates a configuration […]
View multi-account Service Quotas Increase using AWS CloudTrail Lake
In this post, you’ll learn how to find all of the Service Quotas that were modified across all accounts and regions using AWS CloudTrail Lake. The solution uses AWS CloudTrail’s new feature CloudTrail Lake to analyze CloudTrail events. This solution can help customers be proactive in scenarios including: Workload promotion from lower environment to Production […]
Gain compliance insights using the open source community for AWS CloudTrail
Does your organization need to maintain visibility into operations in their AWS accounts for security and compliance? Do you need this visibility across multiple AWS accounts and geographic regions? Would you like predefined templates to help you get started with analyzing account activity quickly? Using AWS CloudTrail Lake and our newly announced public repository of […]
Consolidate and query AWS CloudTrail data across accounts and regions using AWS CloudTrail Lake
AWS CloudTrail allows tracking of user and API activities across your AWS infrastructure. AWS CloudTrail best practices recommend AWS customers set up separate trails for different use cases such as operational troubleshooting, auditing, security monitoring, etc. Once the use case is accomplished, customers might permanently delete some of the trails but choose to retain their […]