Non-API events captured by CloudTrail - Amazon CloudTrail
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Non-API events captured by CloudTrail

In addition to logging Amazon API calls, CloudTrail captures other related events that might have a security or compliance impact on your Amazon account or that might help you troubleshoot operational problems.

  • Amazon Web Services service events – CloudTrail supports logging non-API service events. These events are created by Amazon services but are not directly triggered by a request to a public Amazon API. For these events, the eventType field is AwsServiceEvent.

  • Amazon Web Services Management Console sign-in events – CloudTrail logs attempts to sign in to the Amazon Web Services Management Console, the Amazon Discussion Forums, and the Amazon Support Center. All IAM user and root user sign-in events, as well as all federated user sign-in events, generate records in CloudTrail. For sign-in events, the eventType field is AwsConsoleSignIn.