AWS Cloudtrail Dashboard

Description

This AWS Cloudtrail Monitoring dashboard brings together all relevant information regarding AWS Cloudtrail. You can see what happens in your Cloud environment on a single dashboard. This helps to understand the AWS Cloudtrail information very easily.

This Kibana dashboard is based on the Elastic Agent integration that is delivered OOTB. The agent integration also includes an out of the box AWS Cloudtrail dashboard. However the dashboard that you can download here is more comprehensive to delivers immediate insights.

What is AWS Cloudtrail?

AWS CloudTrail enables auditing, security monitoring, and operational troubleshooting. CloudTrail records user activity and API calls across AWS services as events. CloudTrail events help you answer the questions of “who did what, where, and when?”

CloudTrail logs can be collected inter regional and from multiple accounts. This makes the adoption very easy. If you want to start without configuring much you can also use this terraform example to monitor all AWS logs and metrics.

With AWS Cloudtrail you can monitor, store, and validate activity events for authenticity. Easily generate audit reports required by internal policies and external regulations.

You also be able to detect unauthorized access using the Who, What, and When information . Respond with the power of Elastic Security to prevent any kind of security issues.

In Elastic you can continuously monitor API usage history using machine learning (ML) models to spot unusual activity in your AWS accounts, and determine root cause.

Tested versions 8.x
ECS compliant Yes

You must log in to submit a review.

Related downloads

Filebeat Suricata Canvas dashboard

A Kibana Canvas dashboard example that visualizes suricata logs collected with Filebeat.

Sigma Sysmon detection rules

A collection of rules based on the Sigma detection rules for Windows Sysmon events based on Winlogbeat data.

Sigma detection rules for proxy server logs

A collection of rules based on the Sigma detection rules for proxy server and web server looks, e.g. zeek or suricata.

Sigma Windows Process Creation detection rules

A collection of rules based on the Sigma rules for Windows (process creation folder) based on Winlogbeat data .

Sigma Elastic SIEM rules for web server logs

A collection of rules based on the Sigma detection rules for web server looks, e.g. apache, nginx or IIS.

Sigma Windows inbuilt detection rules

A collection of rules based on the Sigma rules for Windows (inbuilt folder) based on Winlogbeat data .

These downloads could be also interesting for you

Data flow canvas

Average rating:

This canvas examples shows some possibilities of how to visualize data flows. Every flow can be activated / deactivated based on your Elasticsearch data.

Threat detection Kibana dashboard

Kibana dashboard example visualizing the results of the Elastic SIEM detection engine

Vega Clock UTC

This is a working clock visualization in UTC time.

Ingest Pipeline Monitoring

This Kibana dashboard can be used monitor your ingest pipelines

Ask Me Anything Booth – Canvas Example

This is an example canvas page that shows how to visualize using canvas in general.

Azure billing data network

A vega visualization that shows the connection between resource group, resource type and the resource itself based on Elastic agent azure billing data integration.