IT Engineer at a non-profit with 501-1,000 employees
Feb 1, 2023
What I found most valuable in AWS CloudTrail is that it provides a good context of what's happening in the environment, so it's an excellent way to baseline what's occurring.
I also like that AWS CloudTrail helps with audits.
Principal Solution Architect at StarOne IT Solutions
Feb 15, 2024
AWS CloudTrail helps in accelerating incident investigation and response. It increases it because I pull out the logs to CloudTrail, and from CloudTrail watch, I'll send it to the Security Hub and do a visualization with Prometheus and Grafana.
Banker at a computer software company with 201-500 employees
Mar 25, 2024
In one specific scenario, we encountered a situation where a terminated employee still had access to our environment without our knowledge. With AWS CloudTrail, we could track and monitor the employees' activities, revealing that they were downloading specific files from our customer's environment. Without it enabled, we wouldn't have been aware of this.
IT Engineer at a non-profit with 501-1,000 employees
Feb 1, 2023
Filtering multiple values within the console is a feature that has yet to exist in AWS CloudTrail. You can look up a user identity, service, or action, but you can't search for multiple dimensions.
Banker at a computer software company with 201-500 employees
Mar 25, 2024
Once the organization defines its policies, it must immediately enable AWS CloudTrail and integrate it with auto-remediation procedures using Lambda functions. This ensures that the main administrator can receive information quickly and on time without delay.
More controls should be introduced in CloudTrail, especially to see the logs in CloudTrail itself without saving them in S3, as S3 starts to incur charges.