Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

tracking access to a CloudWatch log group ?

0

Hello,
I would like to have the history of all the users that have accessed a specific CloudWatch log group.

It looks like CloudTrail does not log those events (GetLogEvents, FilterLogEvents).
See https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/logging_cw_api_calls_cwl.html

  1. Am I right to assume that CloudTrail cannot track CW Log Group access ? (GetLogEvents)
  2. Is there an other way to track who's accessing a CW Log Group ?

Thank you !

Tópicos
Gestão e governança
Tags
AWS CloudTrail
Idioma
English
tbriot
feita há 5 anos714 visualizações
2 Respostas
0

You are correct that the CloudWatch Logs APIs that you specified are not currently logged to CloudTrail.

Within AWS, we are working to grow the AWS API coverage that is logged to CloudTrail to include more data-plane APIs like these over time. We will add your request to our prioritization process.

Jeff

AWS-User-3197379
respondido há 5 anos
0

Thanks Jeff.
I've got my answer: not possible yet. Maybe in the future.

tbriot
respondido há 4 anos

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante