Exploring Logs in Cloudtrail For IAM User Activity Lab Guide
- Log in to the AWS Management Console using your root account credentials.
- Open the AWS CloudTrail console by clicking on “Services” in the top navigation bar, selecting “CloudTrail” from the dropdown menu.
- Select the trail that you want to explore logs for.
- Click on the “Event history” tab to view a list of recent events that were logged.
- Use the filter options to search and filter logs based on various criteria, such as the user who performed the action, the type of action that was performed, or the time range when the action occurred.
- Click on a specific event to view more details about the event, such as the API request and response data.
- Use the “Lookup events” feature to search for specific events based on their IDs or other criteria.
- Use the “Insights” feature to create custom queries and visualizations based on CloudTrail logs.
- Experiment with different search and filter options to explore the CloudTrail logs and learn more about the AWS API activity that is being performed in your account.
