AWS CloudTrail

Track user activity and API usage on AWS and in hybrid and multicloud environments

Benefits

With CloudTrail Lake, you can ingest activity events from AWS and sources outside AWS, including other cloud providers, in-house applications, and SaaS applications running in the cloud or on premises.
In AWS CloudTrail Lake, you can immutably store audit-worthy events. Easily generate audit reports required by internal policies and external regulations.
Detect unauthorized access and analyze activity logs using Amazon Athena or with SQL-based queries, now even easier with natural language query generation, powered using generative AI, for users with less expertise in writing SQL queries. Respond with rules-based EventBridge alerts and automated workflows.

Why AWS CloudTrail?

AWS CloudTrail is a service that enables governance, compliance, operational auditing, and auditing of your AWS account.

Use cases

Protect your organization from penalties using CloudTrail logs to prove compliance with regulations such as SOC, PCI, and HIPAA.

Read how our features help with auditing use cases

Improve your security posture by recording user and API activity in your AWS accounts. You can also enhance your data perimeter with network activity events for VPC endpoints (in preview). 

Learn more about network activity events (in preview) in CloudTrail 

Answer operational questions, facilitate debugging, and investigate issues using SQL-based queries, natural language query generation, or Amazon Athena. Summarize query results by turning on the AI-powered query result summarization feature (in preview), further streamlining your investigations. Visualize trends with dashboards in CloudTrail Lake.

Learn how to run SQL queries against your event data using Amazon Athena