Track user activity and API usage on AWS and in hybrid and multicloud environments

Benefits

Aggregate and consolidate multisource events

With CloudTrail Lake, you can ingest activity events from AWS and sources outside AWS, including other cloud providers, in-house applications, and SaaS applications running in the cloud or on premises.

Immutably store audit-worthy events

In AWS CloudTrail Lake, you can immutably store audit-worthy events. Easily generate audit reports required by internal policies and external regulations.

Derive insights and analyze unusual activity

Detect unauthorized access and analyze activity logs using Amazon Athena or with SQL-based queries, now even easier with natural language query generation, powered using generative AI, for users with less expertise in writing SQL queries. Respond with rules-based EventBridge alerts and automated workflows.

Why CloudTrail?

AWS CloudTrail is a service that enables governance, compliance, operational auditing, and auditing of your AWS account.

Use cases

Compliance & auditing

Protect your organization from penalties using CloudTrail logs to prove compliance with regulations such as SOC, PCI, and HIPAA.

Security

Improve your security posture by recording user and API activity in your AWS accounts. You can also enhance your data perimeter with network activity events for VPC endpoints. 

Operations

Answer operational questions, facilitate debugging, and investigate issues using SQL-based queries, natural language query generation, or Amazon Athena. Summarize query results by turning on the AI-powered query result summarization feature (in preview), further streamlining your investigations. Visualize trends with dashboards in CloudTrail Lake.