AWS CloudTrail is a web service developed to simplify and provide assistance with AWS accounts. Enabling compliance, governance, and operational and risk auditing, it allows users to monitor, log, and document AWS account-related activity in an easily searchable format. With its comprehensive account event history function, CloudTrail helps users analyze and troubleshoot security and operational issues, detect unusual account activity, and much more by increasing visibility into customers’ user and resource activity.
ClickHouse is an open-source, column-oriented OLAP database management system that allows users to generate analytical reports using SQL queries. Also offered as a secure and scalable service in the cloud, ClickHouse Cloud allows anyone to effortlessly take advantage of efficient real time analytical processing.
1. First, navigate to the AWS Management Console and log in to your account.
2. Once logged in, search for the CloudTrail service and select it.
3. In the CloudTrail dashboard, select the Trails option from the left-hand menu.
4. Click on the name of the trail you want to use as your source connector.
5. In the trail details page, scroll down to the section labeled "Management events" and click on the "Edit" button.
6. In the "Data events" section, click on the "Add data event" button.
7. Select the type of data event you want to capture and configure the settings as needed.
8. Once you have configured the data event, click on the "Save" button to save your changes.
9. Next, navigate to the Airbyte dashboard and select the "Sources" option from the left-hand menu.
10. Click on the "Create a new source" button and select the AWS CloudTrail connector.
11. Enter your AWS access key ID and secret access key in the appropriate fields.
12. Enter the name of the S3 bucket where your CloudTrail logs are stored.
13. Enter the name of the CloudTrail trail you want to use as your source connector.
14. Click on the "Test" button to ensure that your credentials are valid and that Airbyte can connect to your CloudTrail logs.
15. Once the test is successful, click on the "Create" button to create your AWS CloudTrail source connector in Airbyte.
With Airbyte, creating data pipelines take minutes, and the data integration possibilities are endless. Airbyte supports the largest catalog of API tools, databases, and files, among other sources. Airbyte's connectors are open-source, so you can add any custom objects to the connector, or even build a new connector from scratch without any local dev environment or any data engineer within 10 minutes with the no-code connector builder.
We look forward to seeing you make use of it! We invite you to join the conversation on our community Slack Channel, or sign up for our newsletter. You should also check out other Airbyte tutorials, and Airbyte’s content hub!
What should you do next?
Hope you enjoyed the reading. Here are the 3 ways we can help you in your data journey:
What should you do next?
Hope you enjoyed the reading. Here are the 3 ways we can help you in your data journey:
Ready to get started?
Frequently Asked Questions
AWS CloudTrail provides access to a wide range of data related to AWS account activity and resource usage. The following are the categories of data that can be accessed through the API:
1. Event history: This includes information about all the events that have occurred in an AWS account, such as API calls, console sign-ins, and resource changes.
2. Resource activity: This category includes data related to the usage of AWS resources, such as EC2 instances, S3 buckets, and RDS databases.
3. User activity: This category includes data related to user activity in an AWS account, such as user sign-ins, password changes, and access key usage.
4. Security analysis: This category includes data related to security events in an AWS account, such as failed login attempts, unauthorized access attempts, and changes to security groups.
5. Compliance auditing: This category includes data related to compliance auditing in an AWS account, such as changes to IAM policies, CloudTrail configuration changes, and VPC network changes.
Overall, the AWS CloudTrail API provides a comprehensive view of AWS account activity and resource usage, making it a valuable tool for monitoring and managing AWS environments.