AWS CloudTrail is an AWS service that helps you enable operational and risk auditing, governance, and compliance of your AWS account. Actions taken by a user, role, or an AWS service are recorded as events in CloudTrail. Events include actions taken in the AWS Management Console, AWS Command Line Interface, and AWS SDKs and APIs. Ref: https://docs.aws.amazon.com/cloudtrail/index.html
Prerequisites: Having a valid AWS Account (Follow the step in this link to create an AWS Account) How to Sign Up for a new Amazon Web Services Account
Sign in in AWS console as IAM user
Login to the AWS management console (https://console.aws.amazon.com/) with our IAM user
Create a Trail to monitor and log and activity of all AWS Account activity into an S3 bucket storage account
In the search bar / Type CloudTrail
Click on Cloud Trail Dashboard
View the CloudTrail Dashboard
You can list all the event in your account by clicking on Event history
Notes: Events are store in CloudTrail for 90 days by default
To save event for more than 90 days you must create a trail
Click on Dashboard / Create trail
Enter a Trail name / Create or Select an S3 bucket / Review the others option / Click Next
Add data and insights event / review all the other option / Choose Data event type S3 / Click Next
Review your options and click Create trail
Click on your trail name
You have the option to delete or stop trail logging
You can view the logs in the S3 Buckets
Credit: Azeez
Leave a Reply