Auditing, Monitoring and Logging Flashcards
1
Q
what do auditing, monitoring and logging systems do?
A
- they provide insight into how well your systems are performing
- they help you proactively find and resolve errors
- help you troubleshoot the who, what, why and how something resulted
2
Q
CloudWatch
A
a collection of services that help you monitor and observe your cloud resources and detect anomalies in your environment
3
Q
CloudWatch Alarms
A
alarms when a metric condition/threshold is reached
4
Q
CloudWatch Logs
A
used to monitor application logs
5
Q
CloudWatch Metrics
A
used to visualize time-series data
- the AWS services you use send metrics to CloudWatch and you can access them there
6
Q
CloudWatch Events
A
trigger an event based on a condition (such as someone logging in)
7
Q
CloudTrail
A
tracks user activity and API calls within your account
- identify which user made changes
- detect unusual activity in your account
8
Q
3 ways to access CloudTrail
A
1) AWS console
2) SDKs
3) CLI
9
Q
Use case example for CloudTrail
A
track the moment a particular event occurred
- defaults within the last 90 days
- can customize to track longer than 90 days
10
Q
What is trackable by CloudTrail?
A
- user
- time something occurred
- region
- IP
- error code
- access key
