2020-05-20T09:04:00Z

How can Cloudtrail logs be used effectively to improve log monitoring?

Rony_Sklar - PeerSpot reviewer
  • 1
  • 119
PeerSpot user
1

1 Answer

TS
Reseller
2020-05-27T12:43:23Z
May 27, 2020

CloudTrail logs are an excellent and necessary way to monitor activity in your AWS environment. They are the "under-the-hood" audit logs much like
OS audit data, but covering the entire cloud infrastructure. This could include things like new compute instances created, user credentials changing, new encryption keys used, databases modified, and so much more. Essentially it covers anything done through the AWS console or APIs for your various cloud services. You really need to bring those logs into a SIEM or UEBA to leverage them properly, and you need to have good alerting
triggers, correlation rules and/or behavioral models setup to tell you when something suspicious happens.

Find out what your peers are saying about Splunk, Datadog, Wazuh and others in Log Management. Updated: March 2024.
765,386 professionals have used our research since 2012.
Search for a product comparison in Log Management
Log Management
A log is a file that is produced automatically when an event occurs in your system.
Download Log Management ReportRead more

Log Management experts

Adrian Cambronero - PeerSpot reviewer
Diana Alvarado - PeerSpot reviewer
Jonathan Ramos G. - PeerSpot reviewer
Nagendra Nekkala. - PeerSpot reviewer
Olajide Olusegun - PeerSpot reviewer
Hugo Alexis Espinoza Naranjo - PeerSpot reviewer
Edwin Solano Salmeron - PeerSpot reviewer
Prasanth MG - PeerSpot reviewer