Log Management and Analysis
Alert Logic Professional includes a log management solution that uses CloudTrail as a data source. Alert Logic Professional will track, parse, analyze, and archive CloudTrail information to quickly identify indicators of compromise and potential breaches, or to run incident response forensics. This capability is critical if your organization needs to meet PCI, HIPAA, SOX, or other compliance regulations. With Alert Logic Professional and CloudTrail, you can focus on remediating threats quickly, including unauthorized privilege escalations, brute force attempts, and malicious user identity and access activities.
AlienVault USM Anywhere natively collects, analyzes, and stores AWS CloudTrail events to deliver continuous security monitoring and compliance management. It automates threat detection and incident response across your AWS accounts, as well as on-premises and hybrid environments. USM Anywhere is attested compliant with PCI, HIPAA, and SOC 2, and includes pre-built and customizable reports to help you monitor and demonstrate your security and compliance efforts.
Boundary interprets AWS CloudTrail log data while combining it with other event information from tools like AWS OpsWorks. This approach enables customers to monitor severity of changes that take place, understand what changes caused production issues, and look back in time for who performed what changes. By combining these insights with Boundary’s streaming flow data, customers can easily move from an alert into deeper situational awareness with granular views into change history and performance data.
CloudCheckr integrates with AWS CloudTrail to provide visibility and actionable information about your resources in Amazon Web Services (AWS). Because CloudCheckr is designed specifically for AWS, it provides deep insights into what's happening in your AWS accounts. Using CloudCheckr, you can analyze, search, understand, and alert on AWS API activity and resources. CloudCheckr can be configured to start ingesting your CloudTrail log files in minutes. CloudCheckr offers a free 2-week trial.
Datadog is a monitoring service for hybrid cloud applications, assisting organizations in improving agility, increasing efficiency, and providing end-to-end visibility across the application and organization. These capabilities are provided on a SaaS-based data analytics platform that enables Dev, Ops and other teams to accelerate go-to-market efforts, ensure application uptime, and successfully complete digital transformation initiatives.
Rapid7 InsightOps combines log management with live asset analysis for easy IT monitoring and troubleshooting. With InsightOps, you can seamlessly collect, store, and analyze AWS CloudTrail logs. InsightOps features an easy-to-use interface to quickly understand your AWS account activity, alerts to notify you of important CloudTrail events in your AWS account, and out-of-the-box dashboards that provide a high level summary view of your CloudTrail data.
Saviynt Security Manager for AWS delivers privileged access management, identity management and security controls to address compliance needs for AWS resources. Saviynt integrates with AWS CloudTrail as a key data source and provides comprehensive visibility on privileged, serverless and regular AWS usage activity. With Saviynt, you can secure your AWS infrastructure and enforce compliance mandates using its continuous monitoring and usage visibility capabilities.
Splunk software enables organizations to monitor, search, analyze, visualize and act on massive streams of real-time and historical machine data. The Splunk App for AWS is designed to consume data from AWS CloudTrail and offers a pre-built knowledge base of critical dashboards and reports. Customers using the Splunk App for AWS gain in-depth visibility and rapid insights into AWS administration and account activity.
Sumo Logic provides a cloud-based machine data analytics platform that enables enterprises to proactively identify and fix operational issues, generate unique business insights, improve security visibility, and manage regulatory compliance. The Sumo Logic Application for AWS CloudTrail consumes data from a customer's account and provides queries, reports and real-time dashboards for greater visibility into their security and operations practices.
Threat Stack enables growth-driven companies to scale securely and meet complex cloud security needs by identifying and verifying insider threats, external attacks, and data loss in real time. Purpose-built for today’s infrastructure, the Threat Stack Cloud Security Platform and Cloud SecOps Program combine continuous security monitoring and risk assessment to empower security and operations teams to better manage risk and compliance across their entire infrastructure, including cloud, hybrid-cloud, multi-cloud, and containerized environments.
2nd Watch helps customers tailor and integrate managed cloud solutions that holistically and proactively encompass the operating, financial, and technical requirements for scaling long-term use of AWS.
Using AWS Management Tools like Amazon EC2 Systems Manager, AWS Config, CloudFormation and CloudTrail, 2nd Watch Managed Cloud gives you zero-day patching, technical and financial optimization, reduced complexity and increased visibility into your environment—for more leverage with less risk.
Cloudreach's AWS CloudTrail practice has been validated as part of the AWS Service Delivery Program.
As an AWS Premier Consulting Partner, Cloudreach delivers strategy, planning, implementation, and business transformation, while also investing in operational services and operations capabilities to sustain performance and service quality for customers.
Cloudreach operates using a competency-based offering, covering Cloud Data Centre, Application Innovation, e-Commerce, Digital Estates, Data Analytics, Cloud Adoption, and Cloud Service Line. Cloudreach has delivered projects to customers in North America and Europe, relying on AWS CloudTrail to deliver services to end users.
Cognizant enables global enterprises to address a dual mandate: to make their current operations as efficient and cost-effective as possible, and to invest in innovation to unleash new potential across their organizations. What makes Cognizant unique is the ability to do both by enhancing productivity and ensuring that vital business functions work faster, cheaper and better.
Cloudnexa is a Premier Consulting Partner and Authorized Reseller of AWS services. We help clients achieve their infrastructure and business goals using cloud. A key element of that success is our vNOC Cloud Management Platform, designed to provide clients with the automation tools necessary to manage cloud services on AWS. Cloudnexa integrates with AWS CloudTrail and provides clients the tools to perform troubleshooting or IT auditing.
Flux7 is a Premier AWS Consulting Partner with over 150 projects focusing on DevOps and Cloud Management. Leveraging AWS Management Tools, Flux7 helps customers develop agile cloud operations and ensures DevOps practices are embedded into the foundation of business infrastructure.
Foghorn Consulting's AWS CloudTrail practice has been validated as part of the AWS Service Delivery Program.
Foghorn integrates monitoring, alerting, and automation tools with AWS CloudTrail to enable real-time compliance and enterprise-grade security and auditability.
Foghorn Consulting is an AWS Advanced Consulting Partner and managed service provider focusing on public cloud enablement for startups, SaaS providers and enterprises. With an unsurpassed track record of success, Foghorn’s approach dramatically reduces risk and accelerates deployment schedules. Foghorn Consulting assists startups and enterprise companies as they migrate to AWS, and then manages those AWS environments once they are successfully in the cloud. By doing this, Foghorn enables customers to focus on their applications rather than servers and infrastructure.
Smartronix is a global professional solutions provider specializing in cloud computing, NetOps, Cyber Security, Enterprise Software Solutions and Health IT. AWS CloudTrail is an integral part of Smartronix’ CloudAssured Managed IaaS solution, which provides fully managed AWS for Enterprise and Government customers with strict regulatory requirements and enhanced security concerns.
Stelligent's AWS CloudTrail practice has been validated as part of the AWS Service Delivery Program.
Stelligent is an AWS DevOps Competency Partner and has expertise in creating fully scripted, tested, versioned and continuous delivery systems for customers so that they can deliver software to users at the click of a button and/or with every code change.
For customers who have an automated delivery process and prefer to let their engineers focus on core business rather than supporting infrastructure, Stelligent’s DevOps Management service ensures the health and value of your continuous deployment pipeline and infrastructure.
AWS CloudTrail Lake Integrations
Cloud Storage Security
Cloud Storage Security allows customers to protect their data in public cloud object storage ensuring applications, devices and downstream customers are guarded from malicious files placed into object storage like Amazon S3. Enable this integration to audit and analyze Cloud Storage Security events such as problem file discovery and bucket configuration changes in AWS CloudTrail Lake.
Clumio is a secure backup-as-a-service for the enterprise that replaces the complexity of managing data across all clouds with an authentic approach to SaaS. View login attempts, user role and OU updates, policy edits, restores, changes to connected data sources, and more in CloudTrail Lake.
CrowdStrike is a cloud-delivered next-generation endpoint protection platform with unified next-generation antivirus and endpoint detection and response (EDR). Deliver user activity data generated on the CrowdStrike Falcon platform to CloudTrail Lake, enabling aggregation, immutability, retention, and analytics to simplify auditing, security investigation, and operational troubleshooting.
CyberArk provides a comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. Integrate CyberArk Identity Security Intelligence audit logs, alerts for User Behavior Analytics (UBA) and Privileged Detection events to increase visibility and responsiveness to targeted threats.
From open source projects to startups to global companies, GitHub helps organizations of every size code, scale, and work better together. Use the open source solution to integrate the GitHub audit log into CloudTrail Lake and analyze events triggered by activities that affect your GitHub Enterprise.
Kong Inc. builds, sells, and supports Kong, the world's most popular open source API gateway and microservice management platform.
LaunchDarkly helps development teams innovate faster by transforming how they deliver software with the ability to progressively release new features to any segment of users on any platform. Integrate LaunchDarkly with AWS CloudTrail Lake to view flag updates, role and member changes and more alongside AWS and non-AWS event activity.
MontyCloud helps customers gain multi-account visibility, enable self-service provisioning, detect and fix over 300 compliance and security issues, and automate Server and Cloud Application management. Integrate with CloudTrail Lake to capture and store audit-worthy admin and user events which occurred through MontyCloud DAY2™ Cloud Management Platform.
Netskope provides continuous security posture assessment for your AWS workloads and services to reduce risk and help ensure compliance. Enable the AWS CloudTrail Lake integration to store real-time and at-rest SaaS, IaaS, firewall, zero trust, and web activities and data usage events and alerts.
Nordcloud is a European leader in cloud application modernisation, development, migration, managed services and training. Integrate Nordcloud Klarity’s cloud management tools with AWS CloudTrail Lake to store, track and analyze user activity events performed across cloud environments.
The Okta Identity Cloud enables organizations to securely connect the right people to the right technologies at the right time. With this open source solution you can integrate Okta System Log events into CloudTrail Lake using Amazon EventBridge log stream. This allows you to analyze events that occur in your Okta applications.
OneLogin's powerful authentication and role-based user provisioning engine enables organizations to implement least-privileged access controls and eliminate manual user management workflows for all AWS users and accounts. This integration sends OneLogin admin and user events to CloudTrail Lake.
Shoreline.io, a cloud reliability platform, helps customers accelerate the resolution of incidents. Shoreline eliminates thousands of hours of degraded service by improving on-call team productivity and automating away production incidents. Customers can now enable real-time streaming of Shoreline activity logs to AWS CloudTrail Lake.
Snyk’s Developer Security Platform automatically integrates with a developer’s workflow and is purpose-built for security teams to collaborate with their development teams. Integrate Snyk audit logs to CloudTrail Lake to capture event history such as changes to users, groups, or organizations within the developer security platform.
Wiz gives you the tools to bring your DevOps and development teams into the process to fix IT risks, creating a culture of security in your cloud operations that results in a stronger, more secure cloud. Integrate Wiz's audit logs for security and compliance investigations, diagnosis, or troubleshooting errors. Analyze key audit log events such as login, logout, and other user updates, store them for an extended period, and query them as needed.
Interested in Becoming an AWS CloudTrail Partner?
AWS CloudTrail participates in the AWS Service Delivery Program. The AWS Service Delivery Program recognizes AWS Partners with a verified track record of delivering specific AWS services and workloads to AWS customers, including AWS CloudTrail.