How To Filter AWS CloudTrail Events Using API

How To Filter AWS CloudTrail Events Using API

How To Filter AWS CloudTrail Events Using API

Hello Everyone

Welcome to CloudAffaire and this is Debjeet.

In the last blog post, we have discussed how to get started with AWS CloudTrail.

https://cloudaffaire.com/getting-started-with-aws-cloudtrail/

In today’s blog post, we will discuss how to filter AWS CloudTrail events using API. You can use filters in CloudTrail events to filter and get the required events. You can filter CloudTrail events by time, by event source, resource name, resource type, event id etc. We are going to use AWS CLI to filter the CloudTrail events but the technique and concept is same for console as well as any other API tool.

How To Filter AWS CloudTrail Events Using API:

Prerequisites:

  • AWS CLI installed and configured with proper access.

You can use below link to install and configure AWS CLI.

https://cloudaffaire.com/how-to-install-aws-cli/

https://cloudaffaire.com/how-to-configure-aws-cli/

How To Filter CloudTrail Events For Specific Resource Type:

How To Filter CloudTrail Events For Specific Resource Name:

How To Filter CloudTrail Events For Specific Event Name Using AWS

How To Filter CloudTrail Events For Specific User Name Using AWS CLI

How To Filter CloudTrail Events For Specific Event Source Using AWS CLI

How To Filter CloudTrail Events By Access Key ID Using AWS CLI

How To Get CloudTrail Events Using Event ID

How To Get CloudTrail Events By Read Status Using AWS CLI

How To Get CloudTrail Events For Specific Time Using AWS CLI

You can combine multiple filters to pin down the specific event you are looking for. Let’s understand CloudTrail advance filtration using an example

How To Combine Multiple Filters In CloudTrail When Using AWS CLI

Hope you have enjoyed this article. To know more about AWS CloudTrail, please refer below official documentation

https://docs.aws.amazon.com/cloudtrail/index.html

Leave a Reply

Close Menu