📃
AWS SAA-C02
  • Practice Test Scores
  • Basics of IAM
  • Elastic Compute Cloud (EC2)
    • Overview
    • Security Groups
    • IP Addresses
    • User Data
    • Launch Types
    • Spot Instances
    • Instance Types
    • Amazon Machine Image (AMI)
    • Placement Groups
    • Elastic Network Interface (ENI)
    • Hibernate
  • Elastic Load Balancer (ELB)
    • Basic Terms
    • Elastic Load Balancing
    • Classic Load Balancer (CLB)
    • Application Load Balancer (ALB)
    • Network Load Balancer (NLB)
    • Stickiness
    • Cross Zone Load Balancing
    • SSL Certificates
    • Connection Draining/Deregistration Delay
  • Auto Scaling Groups (ASG)
    • Launch Configurations & Launch Templates
    • Overview
    • Dynamic Scaling and Scheduled Scaling
    • Lifecycle Hooks
    • Scaling Cooldowns
  • EC2 Storage (EBS, EFS, Instance Store)
    • Elastic Block Storage (EBS)
    • EBS Volume Types
    • EBS Snapshots
    • EBS Volume Migration
    • EBS Volume Encryption
    • EBS RAID configurations
    • Instance Store
    • Elastic File System (EFS)
    • EFS vs EBS
  • Relational Database Service (RDS)
    • RDS Overview
    • Running Databases on EC2
    • RDS Backups & RDS Restores
    • RDS Read Replicas
    • RDS Multi AZ
    • RDS Encryption
    • RDS IAM database authentication
    • Aurora
    • ElastiCache
  • Route53
    • Overview
    • DNS Record Types
    • Routing Policies
    • 3rd Party Domains
  • Simple Storage Service (S3)
    • S3
    • Server-Side Encryption
    • S3 Security
    • Pre-signed URLs
    • S3 Websites
    • Cross-origin resource sharing (CORS)
    • Consistency Model
  • Advanced S3 & Athena
    • MFA Delete
    • Access Logs
    • Replication
    • Storage Classes
    • Lifecycle Configuration
    • Performance Optimization
    • Select and Glacier Select
    • Event Notifications
    • Object Lock and Glacier Lock
    • Athena Overview
  • CloudFront & Global Accelerator
    • CloudFront Overview
    • CloudFront Signed URL / Signed Cookies
    • Global Accelerator
  • Storage Gateway & FSx & Snowball/Snowmobile
    • Storage Gateway Overview
    • Storage Gateway File Gateway Hardware Appliance
    • FSx for Windows Servers
    • FSx for Lustre
    • Storage Comparison
    • Snowball/Snowmobile Overview
  • AWS Messaging
  • Simple Queue Service (SQS)
    • Overview
    • Message Visibility Timeout
    • Dead Letter Queues
    • Delay Queues
    • FIFO Queues
    • SQS + Auto Scaling Group
  • Simple Notification Service (SNS)
    • Overview
    • SNS & SQS - Fan Out Pattern
  • Kinesis + MQ
    • Kinesis
    • Amazon MQ
  • Serverless
    • Lamda Overview
    • Lambda@Edge
    • DynamoDB Overview
    • DynamoDB RCUs and WCUs
    • DynamoDB Advanced Features
    • API Gateway Overview
    • API Gateway Security
    • Cognito Overview
    • AWS SAM (Serverless Application Model)
  • Databases & Analytics
    • Databases
    • Analytics
  • Monitoring
    • CloudWatch Concepts
    • CloudWatch Logs
    • CloudWatch Agent
    • EC2 Instance Recovery
    • CloudWatch Events
    • CloudTrail
    • Config
  • Mini Security Lesson
    • IAM Policies
    • Authorization
    • IAM Conditions
    • IAM for S3 Resources
    • IAM Permission Boundaries
  • Security & Management
    • Security Token Service (STS)
    • Identity Federation in AWS
    • Directory Service
    • Organizations
    • Resource Access Manager (RAM)
    • Single Sign On (SSO)
  • Security & Encryption
    • Encryption Overview
    • KMS Overview
    • SSM Parameter Store Overview
    • Secrets Manager Overview
    • CloudHSM
    • Shield
    • Web Application Firewall (WAF) Overview
  • Virtual Private Cloud (VPC)
    • Networking for VPCs
    • Default VPC Overview
    • VPC Overview
    • VPC Subnets
    • Internet Gateways & Route Tables
    • NAT Instances
    • NAT Gateways
    • DNS support in your VPC
    • NACLs vs Security Groups
    • VPC Peering
    • VPC Endpoints
    • VPC Flow Logs
    • Bastion Hosts
    • Site to Site VPN
    • Direct Connect
    • Egress-only Internet Gateway
    • AWS PrivateLink
    • AWS ClassicLink
    • VPN CloudHub
    • Transit Gateway
  • Disaster Recovery & Migrations
    • Plan for Disaster Recovery
    • Database Migration Service (DMS)
    • Migration Services
    • DataSync Overview
  • Other Services
    • Overview of Other Services
Powered by GitBook
On this page

Was this helpful?

  1. Monitoring

CloudTrail

  • CloudTrail is an AWS service that helps you enable governance, compliance, and operational and risk auditing of your AWS account.

  • Actions taken by a user, role, or an AWS service are recorded as events in CloudTrail.

    • Events include actions taken in the AWS Management Console, AWS Command Line Interface, and AWS SDKs and APIs.

  • CloudTrail is enabled on your AWS account when you create it.

  • You can use CloudTrail to view, search, download, archive, analyze, and respond to account activity across your AWS infrastructure.

  • You can identify who or what took which action, what resources were acted upon, when the event occurred, and other details to help you analyze and respond to activity in your AWS account.

  • Optionally, you can enable CloudTrail Insights on a trail to help you identify and respond to unusual activity.

  • A trail that applies to all regions

    • CloudTrail records events in each and every region and delivers the CloudTrail event log files to an S3 bucket that you specify.

  • A trail that applies to one region

    • CloudTrail records the events in that region only.

PreviousCloudWatch EventsNextConfig

Last updated 4 years ago

Was this helpful?