- Mais recentes
- Mais votos
- Mais comentários
CloudTrail SDK or AWS CLI can only fetch management events or insight events, there are other alternatives that you can consider.
One option is to use the CloudTrail Insights feature, which allows you to analyze CloudTrail data using a query language. With CloudTrail Insights, you can write a query to filter and search for S3 data events, such as GetObject and PutObject, based on specific criteria.
Another option is to set up a CloudWatch Events rule to trigger a Lambda function whenever a data event occurs in S3. The Lambda function can then process the event and perform any necessary actions, such as storing the event data in a database or sending a notification.
You can use Athena to query the CloudTrail data in S3. See: Analyze Security, Compliance, and Operational Activity Using AWS CloudTrail and Amazon Athena.
You can see how this is done in this workshop, Ransomware on S3 - Simulation and Detection
Conteúdo relevante
- AWS OFICIALAtualizada há 8 meses
- AWS OFICIALAtualizada há 2 anos
- AWS OFICIALAtualizada há 2 anos