BigSnarf blog

Infosec FTW

Cloudtrail Dashboards

splunk_aws_app_topo_1awsServiceEventTrackingScreenshot

unnamed

CloudTrail Monitoring and Alerting

Are Overview Reports helpful?

  • Top 10 Events
  • Top 10 Locations
  • Top 10 Access Keys
  • Top 10 Services
  • Top 10 Ip Addresses
  • Unauthorized Access

Activity reports helpful?

  • List of Instances
  • Errors
  • Instance Activities

Audit reports helpful?

  • List Users
  • List Keys
  • Access Keys Used
  • Locations Used
  • User activities
  • User patterns

Machine Learning and Data Mining helpful?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: