- Newest
- Most votes
- Most comments
Hello,
ConsoleLogin events are not necessarily logged in the us-east-1 region. When logging into your AWS management console, a region is picked randomly based on multiple factors and the ConsoleLogin event is logged in the corresponding region. So, if you are only checking in us-east-1 region, it is possible that the event is logged in other regions. Easiest way to identify this would be to configure your trail to forward the events to a Cloudwatch log group. You can then filter for ConsoleLogin in this Cloudwatch log group. Alternatively, you can use region based URL to login to AWS management console, such as below:
https://signin.aws.amazon.com/console?region=us-east-1
Using a region-specific URL to login to the console will ensure the event is logged in a specific region. The region in the above URL can be set to any region of your choice.
Relevant content
- Accepted Answerasked 2 years ago
- asked 3 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 2 years ago
I dont know a lot; but are you seeing other more recent types of management events ( "managementEvent" : true ) in the bucket?