BigSnarf blog

Infosec FTW

Cloudtrail Dashboards

Leave a comment Posted by on April 30, 2016

splunk_aws_app_topo_1awsServiceEventTrackingScreenshot

unnamed

CloudTrail Monitoring and Alerting

Are Overview Reports helpful?

  • Top 10 Events
  • Top 10 Locations
  • Top 10 Access Keys
  • Top 10 Services
  • Top 10 Ip Addresses
  • Unauthorized Access

Activity reports helpful?

  • List of Instances
  • Errors
  • Instance Activities

Audit reports helpful?

  • List Users
  • List Keys
  • Access Keys Used
  • Locations Used
  • User activities
  • User patterns

Machine Learning and Data Mining helpful?

Tools

Leave a comment