CloudTrail Supported Services and Integrations
CloudTrail supports logging events for many AWS services. You can find the specifics for each supported service in that service's guide. Links to those service-specific topics are provided below. In addition, some AWS services can be used to analyze and act upon data collected in CloudTrail logs. You can browse an overview of those service integrations here.
To see the list of supported regions for each service, see Regions and Endpoints in the Amazon Web Services General Reference.
Topics
AWS Service Integrations With CloudTrail Logs
You can configure other AWS services to further analyze and act upon the event data collected in CloudTrail logs. For more information, see the following topics.
| AWS Service | Topic | Description |
|---|---|---|
| Amazon Athena | Querying AWS CloudTrail Logs |
Using Athena with CloudTrail logs is a powerful way to enhance your analysis of AWS service activity. For example, you can use queries to identify trends and further isolate activity by attribute, such as source IP address or user. You can automatically create tables for querying logs directly from the CloudTrail console, and use those tables to run queries in Athena. For more information, see Creating a Table for CloudTrail Logs in the CloudTrail Console in the Amazon Athena User Guide. Running queries in Amazon Athena incurs additional costs. For more
information, see Amazon Athena Pricing. |
| Amazon CloudWatch Logs | Monitoring CloudTrail Log Files with Amazon CloudWatch Logs |
You can configure CloudTrail with CloudWatch Logs to monitor your trail logs and be notified when specific activity occurs. For example, you can define CloudWatch Logs metric filters that will trigger CloudWatch alarms and send notifications to you when those alarms are triggered. Standard pricing for Amazon CloudWatch and Amazon CloudWatch Logs
applies. For more information, see Amazon
CloudWatch Pricing |
CloudTrail Integration with AWS Organizations
You can create a trail in the master account for an organization that collects all event data for all AWS accounts in an organization in AWS Organizations. This is called an organization trail. Creating an organization trail helps you define a uniform event logging strategy for your organization. An organization trail is applied automatically to each AWS account in your organization. Users in member accounts can see these trails but cannot modify them, and by default cannot see the log files created for the organization trail. For more information, see Creating a Trail for an Organization.
AWS Service Topics for CloudTrail
You can learn more about how the events for individual AWS services are recorded in CloudTrail logs, including example events for that service in log files. For more information about how specific AWS services integrate with CloudTrail, see the topic about integration in the individual guide for that service.