By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

tracking access to a CloudWatch log group ?

0

Hello,
I would like to have the history of all the users that have accessed a specific CloudWatch log group.

It looks like CloudTrail does not log those events (GetLogEvents, FilterLogEvents).
See https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/logging_cw_api_calls_cwl.html

  1. Am I right to assume that CloudTrail cannot track CW Log Group access ? (GetLogEvents)
  2. Is there an other way to track who's accessing a CW Log Group ?

Thank you !

Topics
Management & Governance
Tags
AWS CloudTrail
Language
English
tbriot
asked 5 years ago706 views
2 Answers
0

You are correct that the CloudWatch Logs APIs that you specified are not currently logged to CloudTrail.

Within AWS, we are working to grow the AWS API coverage that is logged to CloudTrail to include more data-plane APIs like these over time. We will add your request to our prioritization process.

Jeff

AWS-User-3197379
answered 5 years ago
0

Thanks Jeff.
I've got my answer: not possible yet. Maybe in the future.

tbriot
answered 4 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content