Questions tagged with AWS CloudTrail
AWS CloudTrail monitors and records account activity across your AWS infrastructure, giving you control over storage, analysis, and remediation actions.
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Hi,
Suddenly events stopped to sending logs to SIEM. All testing is passed in SIEM tool end, but logs are not receiving.
Thanks.
I currently have multiple AWS accounts under a single OU. I want to launch Control Tower in a NEW management account, and then register the existing OU to the Control Tower. What will happen to...
My organization is ingesting its CloudTrail logs into a Sentinel workspace. I recently updated our current LogTrail by adding S3 in the data events but when I performed some specific operations to...
We are processing CloudTrail logs to check and highlight actions not protected by MFA.
When someone signs in as Root all the events with `eventType` `AwsApiCall` have `sessionContext` populated. For...
Hello guy need help
i am getting unauthorized API call is made alarm. i dont know what is the root cause.
how to find this in cloudtrail?
Hello Team.
I have implemented Control Tower, so I have management, audit, log archive and additional member accounts.
This setup has activated in every account some services suchs as:
AWS Config,...
I would like to monitor the volume of data sent externally from my AWS account.
I'm looking for to retrieve logs that allow me to have the volume of data sent externally in real time.
Who can help me...
backgoround: querying cloudtrail logs via athena, however the database and table table is created using glue crawler but running into error
**HIVE_UNSUPPORTED_FORMAT: Unable to create input format**
According to the AWS documentation, "to collect CloudTrail management events in Security Lake, you must have at least one CloudTrail multi-Region organization trail that collects read and write...
Hi community, as the title says I came across some events when I was searching for some events in my CloudTrail event history and today I learned that IAM events go us-east-1 by default.
My aim was...
Here's my setup. I have four accounts - a management account and three member accounts for security, dev, and production. In the process of setting up my organization I've configured organization and...
Hi! I am trying to create a trail in Cloudtrail with the Cloudwatch, SNS topic, and an S3 bucket for the logs integration via the console in order to fulfill the PCI compliance results obtained by...