Issue
User is looking for a specific event in CloudTrail.
Environment
AWS
Resolution
- From the AWS web console, navigate to CloudTrail
- Select Event History from the navigation menu
- Use the filter to search for the relevant Event name or other attribute (e.g. “CreateSecurityGroup” if looking for events related to Generating AWS Threats in Red Canary)
Note: Events can take up to 5 minutes to populate in CloudTrail, though consideration should be given to the additional time required for event ingest, processing, and investigation/threat publication (if applicable) by Red Canary, particularly for new integrations.
Comments
0 comments
Please sign in to leave a comment.