Questions tagged with AWS CloudTrail
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
My organization is ingesting its CloudTrail logs into a Sentinel workspace. I recently updated our current LogTrail by adding S3 in the data events but when I performed some specific operations to...
1
answers
0
votes
264
views
asked 7 months agolg...
Why is the userIdentity.sessionContext field missing from AwsConsoleAction entries in CloudTrail?lg...
We are processing CloudTrail logs to check and highlight actions not protected by MFA.
When someone signs in as Root all the events with `eventType` `AwsApiCall` have `sessionContext` populated. For...
0
answers
0
votes
69
views
asked 7 months agolg...
Hello guy need help
i am getting unauthorized API call is made alarm. i dont know what is the root cause.
how to find this in cloudtrail?
1
answers
1
votes
647
views
asked 7 months agolg...
Hello Team.
I have implemented Control Tower, so I have management, audit, log archive and additional member accounts.
This setup has activated in every account some services suchs as:
AWS Config,...
0
answers
0
votes
111
views
asked 7 months agolg...
I would like to monitor the volume of data sent externally from my AWS account.
I'm looking for to retrieve logs that allow me to have the volume of data sent externally in real time.
Who can help me...
1
answers
0
votes
367
views
asked 7 months agolg...
backgoround: querying cloudtrail logs via athena, however the database and table table is created using glue crawler but running into error
**HIVE_UNSUPPORTED_FORMAT: Unable to create input format**
1
answers
0
votes
713
views
asked 8 months agolg...
According to the AWS documentation, "to collect CloudTrail management events in Security Lake, you must have at least one CloudTrail multi-Region organization trail that collects read and write...
2
answers
0
votes
243
views
asked 8 months agolg...
Hi community, as the title says I came across some events when I was searching for some events in my CloudTrail event history and today I learned that IAM events go us-east-1 by default.
My aim was...
1
answers
0
votes
295
views
asked 8 months agolg...
Here's my setup. I have four accounts - a management account and three member accounts for security, dev, and production. In the process of setting up my organization I've configured organization and...
1
answers
0
votes
480
views
asked 8 months agolg...
Hi! I am trying to create a trail in Cloudtrail with the Cloudwatch, SNS topic, and an S3 bucket for the logs integration via the console in order to fulfill the PCI compliance results obtained by...
1
answers
1
votes
254
views
asked 8 months agolg...
I was following the CloudPractitioner (CLF-C01) course on CloudGuru. When I got to the auditing, monitoring and logging services, CloudWatch and CloudTrail were introduced. However, these questions...
1
answers
0
votes
342
views
asked 8 months agolg...
We have 3rd parties who have access to S3 buckets under our ownership. We have enabled bucket logging and CloudTrail data event logging.
This is working fine for internal users, however, we do not see...
1
answers
0
votes
257
views
asked 9 months agolg...