CloudTrail logs for GitHub self-hosted runner
Hi AWS, I have a GitHub self-hosted runner installed (Windows) installed on Amazon EC2. I have noticed that the runner is Offline and when I login into the server I figured out that somebody has deleted the windows service for GitHub runner which is not ideal in a production set up. I know that there is a _diag folder which captures the logs for the runner https://github.com/orgs/community/discussions/25538 but I want to get more details who has deleted the runner. Is there a way that we can figure that out using CloudTrail. Please guide.
- 최신
- 최다 투표
- 가장 많은 댓글
When activity occurs in your AWS account, that activity is recorded in a CloudTrail event. You can view the past 90 days of recorded API activity (management events) in an AWS Region in the CloudTrail console by going to Event history.
Anything that happens on a Windows Server will not be captured by cloudtrail. You will need to review the operating system logs.
관련 콘텐츠
AWS 공식업데이트됨 일 년 전- AWS 공식업데이트됨 2년 전
- AWS 공식업데이트됨 7달 전
@Gary Mclean, so you mean to say we need to track such activities though OS logs or we need to implement some kind of
Alert mechanismto figure out who stopped the runner service and deleted it which brings the self-hosted runner configured on EC2 in Offline state.