Baselime automatically ingests CloudTrail events when you connect your AWS account. Baselime will automatically create a new CloudTrail and S3 bucket for you, and configure them to send data to your Baselime account. No additional setup is required on your end.
Once connected, CloudTrail events will be sent to Baselime and made available for querying.
To effectively monitor your applications deployed on AWS on Baselime, it is essential to send CloutTrail events. These events are used to automatically register new AWS Lambda functions and Amazon API Gateways logs ingestion.
Why Amazon CloudTrail ?
Amazon CloudTrail is a service provided by AWS that records API activity in your AWS account. This data can be used to track changes to your resources, troubleshoot issues, and improve security.
By sending Amazon CloudTrail events to Baselime, you can use our query and visualization tools to more easily analyze and understand your API activity. You can also set up alerts to be notified of specific API activity or trends.
With Amazon CloudTrail events in Baselime, you can gain a deeper understanding of your AWS API activity and use that knowledge to improve the security and reliability of your applications.
How it works
Amazon CloudTrail writes trail data periodically in a pre-configured S3 bucket in your AWS account. Once the data is written, it signals to an SNS topic that the trail is written.
Baselime configures this SNS to invoke a Lambda function that reads the data from the S3 bucket and ingests it in the Baselime backend.
Amazon CloudTrail management events
Amazon CloudTrail events fall into multiple categories, and Baselime automatically ingests CloudTrail management events. Please refer to the complete CloudTrail docs for further details on the CloudTrail concepts.