AWS CloudTrail logo

AWS CloudTrail

Record AWS API calls for your account and have log files delivered to you
+ 1

What is AWS CloudTrail?

With CloudTrail, you can get a history of AWS API calls for your account, including API calls made via the AWS Management Console, AWS SDKs, command line tools, and higher-level AWS services (such as AWS CloudFormation). The AWS API call history produced by CloudTrail enables security analysis, resource change tracking, and compliance auditing. The recorded information includes the identity of the API caller, the time of the API call, the source IP address of the API caller, the request parameters, and the response elements returned by the AWS service.
AWS CloudTrail is a tool in the Log Management category of a tech stack.

Who uses AWS CloudTrail?

66 companies reportedly use AWS CloudTrail in their tech stacks, including Netflix, Slack, and UNIQLO.

129 developers on StackShare have stated that they use AWS CloudTrail.

AWS CloudTrail Integrations

Datadog, Amazon EKS, Loggly, Logentries, and Sumo Logic are some of the popular tools that integrate with AWS CloudTrail. Here's a list of all 15 tools that integrate with AWS CloudTrail.
Public Decisions about AWS CloudTrail

Here are some stack decisions, common use cases and reviews by companies and developers who chose AWS CloudTrail in their tech stack.

StackShare Editors
StackShare Editors
Shared insights
GoGoAWS CloudTrailAWS CloudTrail

Some Slack customers need tighter control and visibility into their data without disturbing the most essential features. This resulted in the development and release of Slack Enterprise Key Management (Slack EKM). It allows larger visibility into data and more control over the keys used to encrypt and decrypt the data. Slack EKM allows users to bring their own keys into Slack. The initial release supported third-party integration of Amazon Web Services Key Management Service to store keys. Slack EKM works independently of the web application so that other security measures could be added to it. It was written in Go, largely due to its suitability for CPU-intensive cryptographic operations and its top-notch AWS software development kit. KMS key requests are logged on AWS CloudTrail, which key requests created directly from AWS KMS.

See more

AWS CloudTrail's Features

  • Increased Visibility- CloudTrail provides increased visibility into your user activity by recording AWS API calls. You can answer questions such as, what actions did a given user take over a given time period? For a given resource, which user has taken actions on it over a given time period? What is the source IP address of a given activity? Which activities failed due to inadequate permissions?
  • Durable and Inexpensive Log File Storage- CloudTrail uses Amazon S3 for log file storage and delivery, so log files are stored durably and inexpensively. You can use Amazon S3 lifecycle configuration rules to further reduce storage costs. For example, you can define rules to automatically delete old log files or archive them to Amazon Glacier for additional savings.
  • Easy Administration- CloudTrail is a fully managed service
  • you simply turn on CloudTrail for your account using the AWS Management Console, the Command Line Interface, or the CloudTrail SDK and start receiving CloudTrail log files in the Amazon Simple Storage Service (Amazon S3) bucket that you specify.
  • Reliable- CloudTrail continuously transports events from AWS services using a highly available and fault tolerant processing pipeline.
  • Timely Delivery- CloudTrail typically delivers events within 15 minutes of the API call.
  • Log File Aggregation- CloudTrail can be configured to aggregate log files across multiple accounts and regions so that log files are delivered to a single bucket. Please refer to the of the AWS CloudTrail User Guide for detailed instructions.
  • Notifications for Log File Delivery- CloudTrail can be configured to publish a notification for each log file delivered, thus enabling you to automatically take action upon log file delivery. CloudTrail uses the Amazon Simple Notification Service (SNS) for notifications.
  • Choice of Partner Solutions- Multiple partners including AlertLogic, Boundary, Loggly, Splunk and Sumologic offer integrated solutions to analyze CloudTrail log files. These solutions include features like change tracking, troubleshooting, and security analysis.

AWS CloudTrail Alternatives & Comparisons

What are some alternatives to AWS CloudTrail?
AWS Config
AWS Config is a fully managed service that provides you with an AWS resource inventory, configuration history, and configuration change notifications to enable security and governance. With AWS Config you can discover existing AWS resources, export a complete inventory of your AWS resources with all configuration details, and determine how a resource was configured at any point in time. These capabilities enable compliance auditing, security analysis, resource change tracking, and troubleshooting.
It helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture. With this, you can understand how your application and its underlying services are performing to identify and troubleshoot the root cause of performance issues and errors. It provides an end-to-end view of requests as they travel through your application, and shows a map of your application’s underlying components.
It provides the leading platform for Operational Intelligence. Customers use it to search, monitor, analyze and visualize machine data.
Logstash is a tool for managing events and logs. You can use it to collect logs, parse them, and store them for later use (like, for searching). If you store them in Elasticsearch, you can view and analyze them with Kibana.
Papertrail helps detect, resolve, and avoid infrastructure problems using log messages. Papertrail's practicality comes from our own experience as sysadmins, developers, and entrepreneurs.
See all alternatives

AWS CloudTrail's Followers
163 developers follow AWS CloudTrail to keep up with related blogs and decisions.
Galileo Figaro
Kyler Smith
Stephane Chatre
Hersh Patel
arunkumar ramalingam
Joe Bennett
Raja Hassan
Shukur Mohammad
Praveen Shivaram