- Más nuevo
- Más votos
- Más comentarios
Hi,
Insights are created as soon as CloudTrail Insights detect changes in your account's API usage that differ significantly from the account's typical usage patterns.
CloudTrail Insights continuously monitors CloudTrail write management events, and uses mathematical models to determine the normal levels of API event and error rate activity for an account.
Checking your CloudTrail logs did you see any anomalous requests (errors, volume of requests, etc) during this one month window?
Best regards,
Ricardo Makino
Hi,
What is "as soon as CloudTrail Insights detect " mean?
A: It means that after activated CloudTrail Insights starts to analise the events on write API and if any behavior change is detected an insight is created:
On the example above the baseline of API call rate was 0.0011 and was identified a growth on 139260%.
Best regards,
Ricardo Makino
Hi,
Thank you!
Do Insights detect anomalous per minute, which means insights aggregate events per minute and create a start event where start time is based on ‘minute’ level after detecting anomalies? By the way, if an insights event ends, Insights will post an end event with end time('minute' level) and duration ?
Contenido relevante
- OFICIAL DE AWSActualizada hace 2 años
- OFICIAL DE AWSActualizada hace 2 años
- OFICIAL DE AWSActualizada hace 3 años
Hi,
Thanks for your answer very much!
I'm still a little confused. What is "as soon as CloudTrail Insights detect " mean?
For example: 01:00, unusual activity occurred, and lasts until 01:30.
When insights event created ?
A: In minutes, e.g.:
B: Or in hours, e.g.: