tracking access to a CloudWatch log group ?

0

Hello,
I would like to have the history of all the users that have accessed a specific CloudWatch log group.

It looks like CloudTrail does not log those events (GetLogEvents, FilterLogEvents).
See https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/logging_cw_api_calls_cwl.html

  1. Am I right to assume that CloudTrail cannot track CW Log Group access ? (GetLogEvents)
  2. Is there an other way to track who's accessing a CW Log Group ?

Thank you !

tbriot
asked 4 years ago48 views
2 Answers
0

You are correct that the CloudWatch Logs APIs that you specified are not currently logged to CloudTrail.

Within AWS, we are working to grow the AWS API coverage that is logged to CloudTrail to include more data-plane APIs like these over time. We will add your request to our prioritization process.

Jeff

answered 4 years ago
0

Thanks Jeff.
I've got my answer: not possible yet. Maybe in the future.

tbriot
answered 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions