Questions tagged with AWS CloudTrail
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Hello Team,
Yesterday, one event occurred in my account that one of the EC2 instance went into a stopped state. So, I checked the CloudTrail log and I found nothing and also checked the system log...
1
answers
0
votes
294
views
asked 2 years agolg...
Can we access and use multiple roles from a single user simultaneously(using STS assumeRole api right now)? My use case requires creation of different roles which have their specific policies...
2
answers
1
votes
5346
views
asked 2 years agolg...
When analyzing an CloudTrail event, how to know if it is a management event or data event?
Accepted AnswerAWS CloudTrail
1
answers
0
votes
779
views
asked 2 years agolg...
I want to find out how can we audit AWS events/logs to see when lucidscale (a third party application) makes a connection. I already looked into AWS CloudTrail, CloudWatch but I didn't find anything...
1
answers
1
votes
274
views
asked 2 years agolg...
Querying nested json arrays in Cloudtrail logs to find open security groups - Is there a better way?lg...
I am using Athena to query my Cloudtrail logs to find security groups that have rules that allow access to/from the internet. To achieve this, I am looking to see if any cidrIp in...
1
answers
0
votes
951
views
asked 2 years agolg...
someone is able to access lightsail instances using a non-existent username how to resolve this problem? (the username used is "admin-d" ?)
I was able to check it through cloudtrail logs.
This user...
2
answers
0
votes
492
views
asked 2 years agolg...
Hello,
I woul like to get more information on how to monitor the RDS authentication request using Cloudtrail. As from the documentation, Cloudtrail events records all those activities happening in the...
2
answers
0
votes
2303
views
asked 2 years agolg...
Hi, struggling with consolidating logs. I want to enable server access logging in S3 as well as VPC flow logging. Both need to have a logging bucket per region. That is not very scalable. Can't this...
1
answers
0
votes
849
views
asked 2 years agolg...
Hi, where can we find the IPs of the Amazon EKS service? I want to correctly identify a CloudTrail event with the name GetCallerIdentity that is made by the EKS.
[EKS...
2
answers
3
votes
3880
views
asked 2 years agolg...
Hi,
Enabling SecurityHub on my accounts. Thus asked to enable AWS Config on all accounts in all regions. Found the AWSConfig StackSet that does this automatically. Great automation, but is it...
1
answers
0
votes
326
views
asked 2 years agolg...
I want collet cloudtrail event log to provider a lifcycle event log query for any resources in any region.
I found LookupEvents API of cloudtrail is provider it(there are some limit for this api:...
1
answers
0
votes
279
views
asked 2 years agolg...
Hello,
we have configured configured Control Tower landing zone and enrolled tens of accounts in our organization.
We would like to monitor some of the actions (ConsoleLogin, SwitchRole, CreateUser,...
1
answers
0
votes
1474
views
asked 2 years agolg...