Whenever we need to find out who made the API call or who terminated the instance or service, AWS CloudTrail was really helpful for me to figure out who the user is and who has triggered the action or made the API call. It helps find who terminated an instance or service. The tool was very helpful for me. I always check my CloudTrail logs by username, and I could find a lot of helpful information.
Cloud - Solution Architect at a tech vendor with 1,001-5,000 employees
Offers users the ability to search for users who have made different API calls
Pros and Cons
- "From a scalability point of view, the tool has no issue, and it is completely fine."
- "The product's initial setup phase is not pretty straightforward."
What is our primary use case?
What needs improvement?
It would be good if we were able to integrate with other services as well. From what I am aware of, we do the monitoring. We can integrate AWS CloudTrail with CloudWatch, Amazon Athena, and EventBridge. If we can integrate AWS CloudTrail with more services, then it can be a more helpful product for the organization.
For how long have I used the solution?
I have been using AWS CloudTrail for years. I am a customer and user of Amazon tools.
What do I think about the scalability of the solution?
From a scalability point of view, the tool has no issue, and it is completely fine. Scalability-wise, I rate the solution a nine out of ten.
The tool has been set up and integrated with our company's services, so it exists in the cloud environment. Whoever has access to the cloud, mainly the DevOps team, uses AWS CloudTrail to identify or zero in on the event or the user who made the API call. The DevOps team mostly uses the tool to manage the cloud environment.
Which solution did I use previously and why did I switch?
I have used AWS CloudFormation.
How was the initial setup?
The product's initial setup phase is not pretty straightforward. I will say that the setup phase is a little bit complex. You should have some knowledge when you are setting up AWS CloudTrail. On a scale of one to ten, I would rate the setup phase a six for the visibility.
From the time perspective, it doesn't take much time if you are aware of how to set up the tool, as it is quite a fast process and can be done in very little time.
What other advice do I have?
AWS CloudTrail's most valuable feature in enhancing your compliance audit is that it gives me the ability to search for users who have made different API calls, which is something I find really helpful in AWS in most cases. I searched for the user who made that API call or identified it easily by using the search feature in AWS CloudTrail.
My company has integrated AWS CloudTrail with Amazon EventBridge and Amazon Athena. When we integrated AWS CloudTrail with Amazon Athena, we could easily enhance our analysis. For example, if I want to identify the trend and isolate some activity by attribute or source IP address, then I will use CloudTrail logs integrated with Amazon Athena. I could easily isolate activities associated with the source IP address.
The tool is easy to use, and I rate it seven out of ten. You need to have some knowledge of AWS CloudTrail because you have to run some queries or filter the source IP address. You should have some knowledge about the tool.
I recommend the tool to others.
I have not used the tool's AI capabilities.
I rate the tool a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Aug 30, 2024
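The lookups this review describes (who terminated an instance, and what a given source IP address did), as an added Python example that is not part of the review or of AWS's tooling. It runs over constructed sample records in the CloudTrail log-file layout; the function names, account ID, users and instance ID are assumptions.

```python
import json

# Constructed sample records in the CloudTrail log-file shape ({"Records": [...]}).
SAMPLE = json.loads("""{"Records": [
 {"eventTime": "2024-08-01T10:02:11Z", "eventName": "TerminateInstances",
  "sourceIPAddress": "203.0.113.10",
  "userIdentity": {"type": "IAMUser", "userName": "alice"},
  "requestParameters": {"instancesSet": {"items": [{"instanceId": "i-0aaa1111bbbb2222c"}]}}},
 {"eventTime": "2024-08-01T10:05:40Z", "eventName": "TerminateInstances",
  "sourceIPAddress": "198.51.100.7", "errorCode": "Client.UnauthorizedOperation",
  "userIdentity": {"type": "IAMUser", "userName": "bob"},
  "requestParameters": {"instancesSet": {"items": [{"instanceId": "i-0aaa1111bbbb2222c"}]}}},
 {"eventTime": "2024-08-01T11:15:00Z", "eventName": "DescribeInstances",
  "sourceIPAddress": "198.51.100.7",
  "userIdentity": {"type": "AssumedRole",
                   "arn": "arn:aws:sts::111122223333:assumed-role/ops/carol"},
  "requestParameters": null}
]}""")["Records"]

def principal(event):
    """Best readable caller: IAM user name, else ARN, else identity type."""
    ident = event.get("userIdentity") or {}
    return ident.get("userName") or ident.get("arn") or ident.get("type", "unknown")

def instance_ids(event):
    """Instance IDs named in an EC2 request; requestParameters may be null."""
    params = event.get("requestParameters") or {}
    items = (params.get("instancesSet") or {}).get("items") or []
    return [item.get("instanceId") for item in items]

def who_terminated(records, instance_id, include_failed=False):
    """(time, caller, source IP, succeeded) for TerminateInstances on instance_id."""
    hits = []
    for ev in records:
        if ev.get("eventName") != "TerminateInstances" or instance_id not in instance_ids(ev):
            continue
        ok = "errorCode" not in ev  # an errorCode field means the call was rejected
        if ok or include_failed:
            hits.append((ev["eventTime"], principal(ev), ev.get("sourceIPAddress"), ok))
    return sorted(hits)

def activity_from_ip(records, ip):
    """Every call from one source IP, oldest first, as (time, caller, eventName)."""
    return sorted((ev["eventTime"], principal(ev), ev["eventName"])
                  for ev in records if ev.get("sourceIPAddress") == ip)

if __name__ == "__main__":
    print(who_terminated(SAMPLE, "i-0aaa1111bbbb2222c"))
    print(activity_from_ip(SAMPLE, "198.51.100.7"))
```

Passing `include_failed=True` also returns rejected attempts, which are often worth reviewing alongside the call that succeeded.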
Security Engineer-DevSecOps at a computer software company with 51-200 employees
Simplifies security monitoring and troubleshooting by making it easy to identify suspicious activity
Pros and Cons
- "It is a stable solution. AWS handles it well."
- "Maybe if we could do direct queries on CloudTrail without needing to export it to Athena, that'd be great."
What is our primary use case?
It's like a native feature. It's like a single audit point for everything AWS. Any changes made by users or roles get saved in CloudTrail. It's gotta be enabled; it's the most important security feature on AWS.
What needs improvement?
Maybe if we could do direct queries on CloudTrail without needing to export it to Athena, that'd be great.
For how long have I used the solution?
I have been using it for three years now.
What do I think about the stability of the solution?
It is a stable solution. AWS handles it well.
What do I think about the scalability of the solution?
There are five to six admins using this solution; we don't have separate user groups.
How was the initial setup?
It is a one-click deployment.
What's my experience with pricing, setup cost, and licensing?
CloudTrail itself is free of cost.
What other advice do I have?
I'd advise integrating it with your security solution and correlating logs across AWS. That's the single point to start understanding if your account is compromised. And always keep a backup of the logs.
And make sure those logs are kept in a separate AWS account from the main one. First thing any attacker would do is delete those logs to cover their tracks. Forensics becomes very tough without them.
Overall, I would rate the solution a ten out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
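One way to flag changes to a trail or to the bucket holding its logs, which is the tampering this review warns about; this is an added example, not the reviewer's or AWS's code. The records are constructed, and the bucket name, trail name and function name are placeholders.

```python
# Constructed CloudTrail-style records; the log bucket name is a placeholder.
LOG_BUCKET = "example-org-cloudtrail-logs"
SAMPLE = [
    {"eventTime": "2024-08-02T03:10:00Z", "eventSource": "cloudtrail.amazonaws.com",
     "eventName": "StopLogging", "sourceIPAddress": "203.0.113.50",
     "userIdentity": {"type": "IAMUser", "userName": "dave"},
     "requestParameters": {"name": "org-trail"}},
    {"eventTime": "2024-08-02T03:11:30Z", "eventSource": "s3.amazonaws.com",
     "eventName": "PutBucketPolicy", "sourceIPAddress": "203.0.113.50",
     "userIdentity": {"type": "IAMUser", "userName": "dave"},
     "requestParameters": {"bucketName": LOG_BUCKET}},
    {"eventTime": "2024-08-02T03:12:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "PutBucketPolicy", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "IAMUser", "userName": "erin"},
     "requestParameters": {"bucketName": "example-app-assets"}},
    {"eventTime": "2024-08-02T03:15:00Z", "eventSource": "cloudtrail.amazonaws.com",
     "eventName": "DescribeTrails", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "IAMUser", "userName": "erin"},
     "requestParameters": None},
]

# Management events that stop, remove or narrow what a trail records.
TRAIL_CHANGES = {"StopLogging", "DeleteTrail", "UpdateTrail", "PutEventSelectors"}
# Bucket-level events that matter only when they target the log bucket.
BUCKET_CHANGES = {"DeleteBucket", "PutBucketPolicy"}

def tampering_alerts(records, log_bucket):
    """Return (time, event, target, caller, succeeded) for audit-log changes."""
    alerts = []
    for ev in records:
        src, name = ev.get("eventSource"), ev.get("eventName")
        params = ev.get("requestParameters") or {}  # may be null in real records
        if src == "cloudtrail.amazonaws.com" and name in TRAIL_CHANGES:
            target = params.get("name", "unknown-trail")
        elif (src == "s3.amazonaws.com" and name in BUCKET_CHANGES
              and params.get("bucketName") == log_bucket):
            target = log_bucket
        else:
            continue  # read-only calls and unrelated buckets are ignored
        who = (ev.get("userIdentity") or {}).get("userName", "unknown")
        alerts.append((ev["eventTime"], name, target, who, "errorCode" not in ev))
    return sorted(alerts)

if __name__ == "__main__":
    for alert in tampering_alerts(SAMPLE, LOG_BUCKET):
        print(alert)
```

Running a check like this from the separate log account means it still sees these events after someone has changed the trail in the main account.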
IT Infrastructure/Systems Admin at a financial services firm with 201-500 employees
Has a valuable feature for monitoring and a simple setup process
Pros and Cons
- "The product’s most valuable feature is monitoring. It helps us audit the changes in the AWS account at the application and resource level."
- "The platform’s reporting log sheet feature could be more user-friendly."
What is our primary use case?
We use the product for monitoring activities of AWS accounts in terms of operational review, governance, and compliance.
What is most valuable?
The product’s most valuable feature is monitoring. Changes in the AWS account at the application and resource level are easily audited with CloudTrail.
What needs improvement?
The platform’s reporting log sheet feature could be more user-friendly.
For how long have I used the solution?
We have been using AWS CloudTrail for three years now.
What do I think about the stability of the solution?
It is a stable product.
What do I think about the scalability of the solution?
We have three administrators using AWS CloudTrail in our organization.
How was the initial setup?
The initial setup is easy. It has default functionality for application and resource-level monitoring of databases.
What other advice do I have?
I rate AWS CloudTrail an eight out of ten. I recommend the solution if you are auditing compliance and security for data usage.
Disclosure: I am a real user, and this review is based on my own experience and opinions.