tracking access to a CloudWatch log group ?


I would like to have the history of all the users that have accessed a specific CloudWatch log group.

It looks like CloudTrail does not log those events (GetLogEvents, FilterLogEvents).

  1. Am I right to assume that CloudTrail cannot track CW Log Group access ? (GetLogEvents)
  2. Is there an other way to track who's accessing a CW Log Group ?

Thank you !

asked 4 years ago48 views
2 Answers

You are correct that the CloudWatch Logs APIs that you specified are not currently logged to CloudTrail.

Within AWS, we are working to grow the AWS API coverage that is logged to CloudTrail to include more data-plane APIs like these over time. We will add your request to our prioritization process.


answered 4 years ago

Thanks Jeff.
I've got my answer: not possible yet. Maybe in the future.

answered 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions