Questions tagged with AWS CloudTrail
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Hi,
I am try to create a central repository in my Audit account and send all Config files to this bucket. I figure out how to do via these instructions Granting AWS Config access to the Amazon S3...
2
answers
0
votes
803
views
asked 2 years agolg...
Hello, I have an S3 bucket in a GovCloud account that is locked to everyone and everything due to its bucket policy. Normally, in a commercial account I'd be able to delete the bucket/policy with the...
2
answers
0
votes
864
views
asked 2 years agolg...
Hello, I have implemented a central logging solution with Opensearch. There are multiple AWS accounts for different projects. All logs are sent to Single S3 and then to opensearch. How can I segregate...
1
answers
0
votes
361
views
asked 2 years agolg...
If you go into DMS service there is a tab for Event Subscription. if you register a topic, then you will get notification of every event that happens in the event tab. For example, then you reboot a...
0
answers
0
votes
145
views
asked 2 years agolg...
The CloudTrail console is showing a blank screen in multiple regions. I've yet to find a region where it shows anything but a blank screen. All other aws services are displaying as normal....
6
answers
2
votes
1192
views
asked 2 years agolg...
A minimal IAM profile has been prepared for a CloudFormation stack which creates a VPC with IPv6CidrBlock and IPv6Cidr subnet. The IAM profile is sufficient for creating the stack in us-east-1 region....
0
answers
1
votes
185
views
asked 2 years agolg...
Hi All,
I have multiple multi-region cloudtrail defined in single AWS account. One cloudtrail is sending logs to the security account and another cloudtrail is logging in to the local account. In the...
3
answers
0
votes
4951
views
asked 2 years agolg...
In cloudtrail, we only monitor management event only, we have one public accessable bucket, now we want to search cloudtrail log with S3 bucket access attempt(access denied) event and who download S3...
1
answers
0
votes
649
views
asked 2 years agolg...
we have many lambda execution events per hour, how to find out which is malicious one? I have below questions:
(1), if we use cloud trail, which are the event name we should look at, we search lambda...
2
answers
0
votes
363
views
asked 2 years agolg...
Hi,
I am trying to set up alarms for DNSSec failure events in cloud watch. However, when i go to Cloudwatch, I cannot see the `DNSSECInternalFailure` or `DNSSECKeySigningKeysNeedingAction` Metrics in...
1
answers
1
votes
796
views
asked 2 years agolg...
How to identify suspicious EC2 metadata enumeration activity? should we detect from cloudtrail or using cli to analyze EC2 access log? thanks
1
answers
0
votes
530
views
asked 2 years agolg...
Our **CloudTrail **is opened for all Managements Events, We are trying to upload to S3 Bucket with only Readonly **Permission **- in application level we get "Access Denied" error.
We do not see this...
3
answers
2
votes
7257
views
asked 2 years agolg...