AWS CloudTrail Logs OpenTelemetry Assets

Serverless Observability, Serverless Security, Stack 9.2.0

Version 0.1.0 Beta
Subscription level: Basic
Developed by: Elastic
The AWS CloudTrail Logs OpenTelemetry Assets integration v0.1.0 is in beta.

To use beta integrations, go to the Integrations page in Kibana, scroll down, and toggle on the Display beta integrations option.

The AWS CloudTrail OpenTelemetry Assets allow you to monitor Amazon CloudTrail logs. AWS CloudTrail records a history of the AWS API calls made in your account, including calls made through the AWS Management Console, the AWS SDKs, the command line tools, and higher-level AWS services, so you can audit activity in your AWS deployments.

The EDOT Cloud Forwarder for AWS collects CloudTrail logs from Amazon S3 and forwards them directly into Elastic Observability. Use this integration to visualize that data in Kibana, create alerts that notify you when something goes wrong, and reference the logs when troubleshooting an issue.

You need an Elastic Observability project (Serverless only) for storing, analyzing, and visualizing your CloudTrail logs.

From the AWS side, to collect CloudTrail logs, you need:

  • An S3 bucket for storing the logs
  • A CloudTrail trail configured to deliver its logs to that S3 bucket
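The two AWS prerequisites above, provisioned with the AWS CLI, as an added example that is not part of this page or of the EDOT Cloud Forwarder project. The bucket name, region, account ID and trail name are assumed placeholders; the bucket policy is the standard CloudTrail delivery policy, narrowed with an aws:SourceArn condition so that only this trail can write into the bucket, and the bucket is created with public access blocked. By default the script runs in dry-run mode and prints the commands instead of executing them; set DRY_RUN=0 with valid credentials to apply them.

```shell
#!/bin/sh
# Added example (not from the Elastic page or the EDOT project): provision the
# S3 bucket and the CloudTrail trail that the integration requires.
# All values below are assumed placeholders; override them via the environment.
set -eu

BUCKET="${BUCKET:-example-cloudtrail-logs}"   # assumed placeholder
REGION="${REGION:-us-east-1}"                 # assumed placeholder
ACCOUNT_ID="${ACCOUNT_ID:-123456789012}"      # assumed placeholder
TRAIL="${TRAIL:-example-trail}"               # assumed placeholder
DRY_RUN="${DRY_RUN:-1}"   # 1 = print the aws commands, 0 = execute them

# Bucket policy CloudTrail needs in order to deliver logs: read the bucket ACL
# and write objects under AWSLogs/<account-id>/.  Both statements are limited
# to this specific trail (aws:SourceArn), and writes must grant the bucket
# owner full control so the log objects stay readable by the account.
cloudtrail_bucket_policy() {
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AWSCloudTrailAclCheck",
      "Effect": "Allow",
      "Principal": {"Service": "cloudtrail.amazonaws.com"},
      "Action": "s3:GetBucketAcl",
      "Resource": "arn:aws:s3:::$BUCKET",
      "Condition": {"StringEquals": {
        "aws:SourceArn": "arn:aws:cloudtrail:$REGION:$ACCOUNT_ID:trail/$TRAIL"}}
    },
    {
      "Sid": "AWSCloudTrailWrite",
      "Effect": "Allow",
      "Principal": {"Service": "cloudtrail.amazonaws.com"},
      "Action": "s3:PutObject",
      "Resource": "arn:aws:s3:::$BUCKET/AWSLogs/$ACCOUNT_ID/*",
      "Condition": {"StringEquals": {
        "s3:x-amz-acl": "bucket-owner-full-control",
        "aws:SourceArn": "arn:aws:cloudtrail:$REGION:$ACCOUNT_ID:trail/$TRAIL"}}
    }
  ]
}
EOF
}

# Print the command (dry run) or execute it.
run() {
  if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

setup_cloudtrail() {
  # Regions other than us-east-1 require an explicit LocationConstraint.
  if [ "$REGION" = "us-east-1" ]; then
    run aws s3api create-bucket --bucket "$BUCKET" --region "$REGION"
  else
    run aws s3api create-bucket --bucket "$BUCKET" --region "$REGION" \
      --create-bucket-configuration "LocationConstraint=$REGION"
  fi
  # Audit logs must never be publicly readable.
  run aws s3api put-public-access-block --bucket "$BUCKET" \
    --public-access-block-configuration \
    "BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true"
  run aws s3api put-bucket-policy --bucket "$BUCKET" \
    --policy "$(cloudtrail_bucket_policy)"
  # Multi-region trail with log file validation, so tampering with delivered
  # log files can be detected later.
  run aws cloudtrail create-trail --name "$TRAIL" --s3-bucket-name "$BUCKET" \
    --is-multi-region-trail --enable-log-file-validation --region "$REGION"
  run aws cloudtrail start-logging --name "$TRAIL" --region "$REGION"
}

setup_cloudtrail
```

The aws:SourceArn condition matters: without it, any CloudTrail trail in any AWS account that learns the bucket name could deliver objects into it, because the principal is the CloudTrail service rather than your account.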

For step-by-step instructions on how to set up an EDOT Cloud Forwarder for AWS, see the EDOT Cloud Forwarder for AWS guide.

For a complete list of all available logs and their detailed descriptions, refer to the OpenTelemetry AWS Logs encoding extension.

This integration includes one or more Kibana dashboards that visualize the data collected by the integration. The screenshots below illustrate how the ingested data is displayed.