Questions tagged with AWS CloudTrail

AWS CloudTrail monitors and records account activity across your AWS infrastructure, giving you control over storage, analysis, and remediation actions.

Content language: English

Select up to 5 tags to filter
Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

233 results
Hi AWS, I have a GitHub self-hosted runner installed (Windows) installed on Amazon EC2. I have noticed that the runner is `Offline` and when I login into the server I figured out that somebody has...
1
answers
0
votes
279
views
profile picture
asked 10 months ago
Hello, I have currently setup cloudtrail logs to be query able in athena, however my create table looks something like ``` CREATE EXTERNAL TABLE cloudtrail( eventVersion STRING, userIdentity...
1
answers
0
votes
551
views
ramsa
asked 10 months ago
I have a log group and the Timestamp of the log shows today's date, but when I look at the eventTime field in the object described in the log I can see it was actually a few months ago, any one know...
0
answers
0
votes
279
views
bar
asked 10 months ago
Hi All, I have created a cloudtrail log to read any s3 dataevent. I see in s3 location, logs have started building. But when I try to query this data in S3 , it's failing with error ...
0
answers
0
votes
119
views
asked 10 months ago
Hello, I have been receiving a high cost from GuardDuty every day for some time, when I analyzed it further I saw that this cost is related to the analysis of CloudTrail events by GuardDuty, and I...
2
answers
0
votes
649
views
Carlos
asked 10 months ago
Hi, I have CloudTrail enabled on our AWS system, and I only enabled the Management event. Is there a way to not log events on Data Lifecycle Manager since it’s giving a bulk data event?
1
answers
0
votes
246
views
Rraii
asked 10 months ago
We have an alarm setup for CloudTrailAuthorizationFailures which is one of the metric filters in the CloudTrail/DefaultLogGroup. We have a retention on this log group for 12 months however when...
1
answers
0
votes
548
views
John
asked a year ago
Hi, Suddenly events stopped to sending logs to SIEM. All testing is passed in SIEM tool end, but logs are not receiving. Thanks.
0
answers
0
votes
70
views
Arun
asked a year ago
I currently have multiple AWS accounts under a single OU. I want to launch Control Tower in a NEW management account, and then register the existing OU to the Control Tower. What will happen to...
1
answers
0
votes
307
views
AWS
lovjim
asked a year ago
My organization is ingesting its CloudTrail logs into a Sentinel workspace. I recently updated our current LogTrail by adding S3 in the data events but when I performed some specific operations to...
1
answers
0
votes
382
views
Nov
asked a year ago
We are processing CloudTrail logs to check and highlight actions not protected by MFA. When someone signs in as Root all the events with `eventType` `AwsApiCall` have `sessionContext` populated. For...
0
answers
0
votes
79
views
roj
asked a year ago
Hello guy need help i am getting unauthorized API call is made alarm. i dont know what is the root cause. how to find this in cloudtrail?
1
answers
1
votes
1329
views
asked a year ago