Ingest your AWS CloudTrail data into the Sumo Logic service to gain real-time operational insights, audit reports, and powerful visualization tools.
Why the Sumo Logic App for AWS CloudTrail?
Receive real-time alerts to suspicious activity, changes to infrastructure like started/stopped virtual servers, and changes to access control lists (ACLs).
Share critical data
Develop customized visual dashboards to report on environmental strengths and weaknesses and share critical data quickly with the right teams.
Secure your environment
Perform root-cause analysis on performance by tracking the effects of changes on the your infrastructure’s availability and response time.
What is AWS CloudTrail?
AWS CloudTrail is a web service that records your AWS application program interface (API) calls and delivers complex log files to you for audit and analysis. AWS Cloudtrail records the following API information:
- The identity of the API caller.
- The time of the API call.
- The source IP address of the API caller.
- The request parameters.
- The response elements returned by the AWS service.
With the Sumo Logic app for AWS CloudTrail, gain deep visual insights into your environment through interactive, customizable dashboards.
Log Analysis You Can Use
Delve deep into CloudTrail activity patterns for actionable insights. Monitor statistics like:
- Administrator and user activity, isolatable by location to easily identify traffic from unauthorized regions.
- Platform configuration changes like such as new virtual machines, ACL changes and more.
- Account settings, usage and billing status for all your AWS services.
- Monitor platform configuration changes such as new VM configurations, ACL changes etc.
With the Sumo Logic app for AWS CloudTrail, gain instant visual insights, track and correlate AWS CloudTrail data, and integrate it with other AWS services data for complete monitoring and security.
Ingest CloudTrail Data into Sumo Logic Using S3
Gathering your CloudTrail data in one place is extremely easy. Dumping your logs into an S3 bucket for simple collection by a cloud-native log analysis service such as Sumo Logic allows:
- A scalable, elastic architecture that can grow with your business.
- Comprehensive compliance certifications (PCI v3 Service Provider Level 1, SOC2 Type 2, HIPAA, Safe Harbor) to ensure the security you need.
- Rich out-of-box integrations to key AWS services to enable fast time-to-value.
- Ready to get more insight into your AWS CloudTrail logging activity? Sign up for your free Sumo Logic trial today!
ELK Stack Compatability
Logstash (along with Elasticsearch and Kibana) offers an opportunity to parse, search and visualize this information. This provides great insight when Logstash is up and running, but it needs to be setup and managed to provide valuable insights even when Logstash forwarders go down. In addition, managing this infrastructure can be a challenge at scale.
Sumo Logic provides native cloud-to-cloud collection directly from an S3 bucket for CloudTrail information. Since the collection is cloud-to-cloud, administrators are not relied upon to keep the logging infrastructure up and running. You can count on Sumo Logic for valuable insights through outages.
Analyzing Your CloudTrail Data
Watch our demo to see the Sumo Logic app for CloudTrail in action.
Other Sumo Apps
Sumo Logic Apps help you quickly gain visibility into your applications and infrastructure by providing preconfigured searches and dashboards for your most popular data sources.See the full list