Explain how you can integrate CloudTrail with CloudWatch Logs or EventBridge for real-time security monitoring and alerts.
Integrate CloudTrail with CloudWatch Logs or EventBridge for real-time alerts.
You need to investigate unauthorized IAM activity in your AWS account. How would you use CloudTrail to identify when and who performed the action?
To investigate IAM actions: filter CloudTrail logs for eventName and userIdentity.
Where does CloudTrail store its log files by default, and what format are they saved in?
CloudTrail stores logs in S3 in JSON format.
How does CloudTrail differ from CloudWatch in terms of monitoring and logging?
CloudTrail logs API calls; CloudWatch monitors metrics and performance.
What is AWS CloudTrail, and what is its main purpose?
CloudTrail records API activity and user actions for auditing.
Load more questions