Amazon_CloudWatch_1
Real-time monitoring of API calls can be achieved by directing CloudTrail Logs to CloudWatch Logs and establishing corresponding metric filters and alarms. It is recommended that a metric filter and alarm be established for unauthorized API calls.
Perform the following to Ensure a log metric filter and alarm exist for unauthorized API calls:
Note : Filter pattern for unauthorized API calls
filterPattern”: “{ ($.errorCode = “*UnauthorizedOperation””) || ($.errorCode =
“”AccessDenied*””) }””
Perform the following to setup the metric filter
Want to Know More?
Learn how our partners are managing their cloud security and compliance with Cloudlytics.
I hereby accept the GDPR and Privacy Policy, by subscribing to the newsletters.