tI want to send a Cloudtrail log (Specifically when an secrets manager key rotates) to an S3 bucket. We already have the logs in Cloudtrail, is there an easy way to configure Cloudtrail to send these logs to S3 as soon as it happens? I was thinking of setting up a Lambda function that runs on a CRON schedule to do this for me, but would there be an easier way?
Moving specific Logs from AWS Cloudtrail to S3
385 views Asked by Lucas M. At
2
There are 2 answers
0
kormik
On
There is a slightly easier way, although not necessarily cost-effective (depends on your case) and you won't avoid using Lambda. Instead of setting up a cron, you can enable CloudWatch export for your trail, from where you can set a Lambda subscription filter. This way you can export to S3 exactly the events you want (don't have to code the filters into function) as soon as they come. But - you have to pay extra for the CloudWatch Logs, so it's not a good option if you have a large trail.
Related Questions in AMAZON-WEB-SERVICES
- S3 integration testing
- How to get content of BLOCK types LAYOUT_TITLE, LAYOUT_SECTION_HEADER and LAYOUT_xx in Textract
- Error **net::ERR_CONNECTION_RESET** error while uploading files to AWS S3 using multipart upload and Pre-Signed URL
- Failed to connect to your instance after deploying mern app on aws ec2 instance when i try to access frontend
- AWS - Tab Schema Conversion don't show up after creating a Migration Project
- Unable to run Bash Script using AWS Custom Lambda Runtime
- Using Amazon managed Prometheus to get EC2 metrics data in Grafana
- AWS Dns record A not navigate to elb
- Connection timed out error with smtp.gmail.com
- AWS Cognito Multi-tenant Integration | Ok to use Client’s Idp?
- Elasticbeanstalk FastAPI application is intermittently not responding to https requests
- Call an External API from AWS Lambda
- Why my mail service api spring isnt working?
- export 'AWSIoTProvider' (imported as 'AWSIoTProvider') was not found in '@aws-amplify/pubsub'
- How to take first x seconds of Audio from a wav file read from AWS S3 as binary stream using Python?
Related Questions in AMAZON-S3
- Mocking AmazonS3 listObjects function in scala
- S3 integration testing
- Error **net::ERR_CONNECTION_RESET** error while uploading files to AWS S3 using multipart upload and Pre-Signed URL
- Golang lambda upload image into s3 static website
- How to take first x seconds of Audio from a wav file read from AWS S3 as binary stream using Python?
- AWS Lambda Trigger For Same S3 File Name In Quick Succession
- Is there a way to upload a file in digital ocean object storage using php curl
- How to setup AWS credentials for next.js apps?
- S3 pre-signed url not working on whatsapp cloud Api
- How to set custom Origin Name in AWS CDK for CloudFront
- Property 'location' does not exist on type 'File'
- Resource handler returned message: "Unable to validate the following destination configurations
- Webmin CentOS7 AWS backup errors - perl(S3::AWSAuthConnection) can't be installed
- How to access variable to pass through url_for() as src in Flask App
- I cant figure out how to pull scripts from s3 to my aws workspace
Related Questions in AWS-LAMBDA
- Query parameter works fine with fastapi application when tested locally but not working when the FastAPI application is deployed on AWS lambda
- Lambda endpoint for the Google OAuth callback does not recieve the access_token
- Golang lambda upload image into s3 static website
- Unable to run Bash Script using AWS Custom Lambda Runtime
- Call an External API from AWS Lambda
- AWS Lambda Trigger For Same S3 File Name In Quick Succession
- Trouble Extracting Request Body in Flask-Lambda Application Deployed on AWS Lambda via AWS SAM
- S3 pre-signed url not working on whatsapp cloud Api
- 'Load failed' error when trying to create a function in AWS lambda
- Using Python CDK to bundle dotnet 8 code to AWS Lambda function
- AWS WebSocket API return forbidden (403) error when sending message
- Pass integer value in json serializable Python Object
- AWS Lambda successfully called with 'Function URL', but not with 'API Gateway'
- How do I create a *clean* AWS lambda function in python?
- Laravel Vapor Queue Dynamic DB Connection Issue for Different Requests
Related Questions in AMAZON-CLOUDTRAIL
- Is there any way I could generate an automatic csv file of the CloudTrail events for one day only?
- How to see IAM EventName CreateUser & DeleteUser in CloudTrail?
- getting [ERROR] IndexError: list index out of range in lambda while trying to fetch InstanceId from RunInstance cloudtrail json log
- cloudwatch alarms: include event details in a notification
- Get real IAM username of the STS AssumeRole issuer
- CloudTrail logs for Cross-Account Athena queries to remote Glue Data Catalogue
- AWS RDS Creation Notification Mail using lambda function
- Create an Eventbridge rule from a Cloudtrail event in order to trigger a Lambda
- Parse Additional Fields in ELK
- Fetching User Details for Triggered AWS Glue Job
- Convert Cloudtrail Logs to Parquet with AWS Glue
- AWS how do I get notified when lambda is disabled | Alert when lambda trigger get enable or disable
- Passing metadata of trigger to ECS task -fargate- from S3 via Eventbridge
- Can't Retrieve Logs by Tenant ID: Lambda Promtail Logs Loki/Grafana
- AWS cloudtrail with S3 data events enabled create logging loop
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
If you want to get specific events from CT in real-time as they happen, then you should setup CloudWatch Event rule for them:
The rule could be:
With a target of Firehose delivery stream set for S3 bucket of your choise.