- Newest
- Most votes
- Most comments
I apologize, but I'm afraid I won't be able to fetch the CloudTrail event history for the dates you've specified (October 6-7, 2024). There are a few important points to consider:
-
CloudTrail event history only provides a viewable, searchable, and downloadable record of the past 90 days of management events in an AWS Region. This is a limitation of the CloudTrail event history feature.
-
The dates you've mentioned (October 2024) are in the future and also beyond the 90-day limit of CloudTrail event history.
-
CloudTrail does not have a "cold storage" for events older than 90 days that can be retrieved on demand.
To maintain a record of events beyond 90 days, you would need to have set up a trail or an event data store beforehand. These features allow you to store CloudTrail logs for longer periods:
- A trail delivers log files to an Amazon S3 bucket you specify.
- An event data store in CloudTrail Lake can retain events for up to 7 years.
If you didn't set up either of these options, unfortunately, the events from 7 months ago would no longer be available in CloudTrail.
For future reference, to maintain long-term records of such critical changes, it's recommended to:
- Set up a trail to continuously log events to an S3 bucket.
- Create an event data store in CloudTrail Lake for extended retention and querying capabilities.
- Implement additional monitoring and alerting for critical configuration changes.
These measures will help ensure you have access to historical data for auditing and troubleshooting purposes beyond the 90-day limit of the event history.
Sources
Working with CloudTrail event history - AWS CloudTrail
Viewing recent management events with the console - AWS CloudTrail
How CloudTrail works - AWS CloudTrail
Relevant content
- asked 7 months ago
