Chapter 11: AWS CloudTrail (Tail? Tale?)

Cloud tail? (A cloud with a tail), Cloud Tale (a story about a cloud, I guess this whole blog is a AWS Tale), Tail Cloud? Yes, there is actually such a thing: And they are dangerous: http://namesofclouds.com/types-of-clouds/tail-clouds.html 

"Cloud watching is really important if you reside in an area where tornadoes frequently occurs. A number of cloud formations indicate tornado development; one of which is tail clouds."


A Tornado with a "Tail Cloud"


I'm enjoying Chapter 11 as it has lots of sections on different services, and they are all short :-)

Next one is on CloudTrail (so, none of the above).

Again this is a sort of obvious service. If you own all the APIs, and everything is HTTP/S then you can in theory track all calls and other meta data (who, what, when, how, why?)

What events does it collect? From the docs:

An event contains information about the associated API call: the identity of the caller, the time of the call, the source IP address, the request parameters, and the response elements returned by the AWS service. For more details, see the CloudTrail Event Reference section of the user guide.

It's not exactly real-time: CloudTrail typically delivers log files within 15 minutes of an API call.

I also wonder how it relates to other monitoring/management AWSs? Is there a complete list of related services? Also, how does it relate to X-Ray? Is X-Ray built on top of it maybe?

Here's an interesting article on hooking it up with other AWSs to actually do something useful.

A webinar

PS
I was struggling to see how CloudTrail. is useful. All it is doing is recording API calls for future analysis. This seems to be a bit "primitive" at some level. Recently I've done some experiments with using our APM+performance modelling tool for security. The idea is to build a model from a baseline of APM data assuming that there are no security or intrusion incidents.  For APM and performance modelling it's critical to have visibility into transactional level dependencies.  For security I suspect that the same it true. Networks are critical to everything. The idea is to compare new production transactions with the model, and if there is sufficient "difference" (in terms of path through the s/w components and times and anything else you can record (e.g. workload context, classes, apis, methods, even data), and times, then it may be an anomalous transaction. I am suspicious that you infer sufficient information from essential a "flat" API call view of the world. I would prefer to see a network view (which sure you can build from CloudTrail, but you still have to do it).

Comments

  1. Great presentation of Aws form of blog and Aws tutorial. Very helpful for beginners like us to understand Aws course. if you're interested to have an insight on Aws training do watch this amazing tutorial.https://www.youtube.com/watch?v=Y4Y8yWVrqo8

    ReplyDelete
    Replies
    1. Chapter 11: Aws Cloudtrail (Tail? Tale?) >>>>> Download Now

      >>>>> Download Full

      Chapter 11: Aws Cloudtrail (Tail? Tale?) >>>>> Download LINK

      >>>>> Download Now

      Chapter 11: Aws Cloudtrail (Tail? Tale?) >>>>> Download Full

      >>>>> Download LINK n1

      Delete
  2. I loved your post.Much thanks again. Fantastic.
    aws training

    ReplyDelete
  3. Want to change your career in Selenium? Red Prism Group is one of the best training coaching for Selenium in Noida. Now start your career for Selenium Automation with Red Prism Group. Join training institute for selenium in noida.

    ReplyDelete
  4. Chapter 11: Aws Cloudtrail (Tail? Tale?) >>>>> Download Now

    >>>>> Download Full

    Chapter 11: Aws Cloudtrail (Tail? Tale?) >>>>> Download LINK

    >>>>> Download Now

    Chapter 11: Aws Cloudtrail (Tail? Tale?) >>>>> Download Full

    >>>>> Download LINK 9R

    ReplyDelete

Post a Comment

Popular posts from this blog

Chapter 11: AWS Directory Service, Cloud Directory

AWS Solution Architecture Certification Postscript

Chapter 2: Amazon Simple Storage Service (S3) and Amazon Glacier Storage (for storing your beer?)