AWS CloudTrail resources
Audit all AWS Activity Traversing your VPC endpoints
CloudTrail network activity events give visibility into all AWS API activity that passes through your VPC Endpoints, for supported services.
Use data events for auditing
AWS CloudTrail data events help you audit your Amazon SNS and Amazon SQS workloads.
How Arctic Wolf uses AWS CloudTrail Lake
Arctic Wolf improved their cloud security and auditing processes with CloudTrail Lake. They were able to quickly and effectively set up CloudTrail Lake to ingest and query their activity events, which was crucial for understanding security and operational issues in their environment.
Auditing generative AI events
Identify specific events and audit your generative AI workloads by investigating the API actions that you or your applications perform within your AWS environment.
What’s new in AWS CloudTrail Lake at re:Invent 2023
New launch items for CloudTrail Lake include support for zero-ETL analysis in Amazon Athena and a one-year extendable retention pricing option which is optimized for meeting your flexible retention needs cost-effectively.
Documentation, whitepapers & more
CloudTrail Processing Library
AWS CloudTrail Processing Library is a Java library that makes it easy to build an application that reads and processes CloudTrail log files. CloudTrail Processing Library handles tasks such as continuously polling an Amazon Simple Queue Service (SQS) queue, reading and parsing SQS messages, downloading log files stored in Amazon S3, parsing and serializing events in the log file in a fault-tolerant manner. Get CloudTrail Processing Library from GitHub.
Whitepapers
Improve Configuration, Compliance, and Auditing with AWS
Resource Inventory Monitoring and Management in the Cloud Using AWS Config and AWS CloudTrail.