How to load data from AWS CloudTrail to Clickhouse

Learn how to use Airbyte to synchronize your AWS CloudTrail data into Clickhouse within minutes.

Try Airbyte CloudManual method (the hard way)

Building your pipeline or Using Airbyte

Airbyte is the only open source solution empowering data teams  to meet all their growing custom business demands in the new AI era.

Building in-house pipelines

Bespoke pipelines are:
  • Inconsistent and inaccurate data
  • Laborious and expensive
  • Brittle and inflexible
Furthermore, you will need to build and maintain Y x Z pipelines with Y sources and Z destinations to cover all your needs.

After Airbyte

Airbyte connections are:
  • Reliable and accurate
  • Extensible and scalable for all your needs
  • Deployed and governed your way
All your pipelines in minutes, however custom they are, thanks to Airbyte’s connector marketplace and AI Connector Builder.

Start syncing with Airbyte in 3 easy steps within 10 minutes

Set up a AWS CloudTrail connector in Airbyte

Connect to or one of 400+ pre-built or 10,000+ custom connectors through simple account authentication.

Set up Clickhouse for your extracted AWS CloudTrail data

Select where you want to import data from your source to. You can also choose other cloud data warehouses, databases, data lakes, vector databases, or any other supported Airbyte destinations.

Configure the AWS CloudTrail to Clickhouse in Airbyte

This includes selecting the data you want to extract - streams and columns -, the sync frequency, where in the destination you want that data to be loaded.
Try Airbyte CloudManual method (the hard way)

Take a virtual tour

Check out our interactive demo and our how-to videos to learn how you can sync data from any source to any destination.

Demo video of Airbyte Cloud

Demo video of AI Connector Builder

Talk to our team

Setup Complexities simplified!

You don’t need to put hours into figuring out how to use Airbyte to achieve your Data Engineering goals.

Simple & Easy to use Interface

Airbyte is built to get out of your way. Our clean, modern interface walks you through setup, so you can go from zero to sync in minutes—without deep technical expertise.

Guided Tour: Assisting you in building connections

Whether you’re setting up your first connection or managing complex syncs, Airbyte’s UI and documentation help you move with confidence. No guesswork. Just clarity.

Airbyte AI Assistant that will act as your sidekick in building your data pipelines in Minutes

Airbyte’s built-in assistant helps you choose sources, set destinations, and configure syncs quickly. It’s like having a data engineer on call—without the overhead.

Try Airbyte CloudManual method (the hard way)

What sets Airbyte Apart

Modern GenAI Workflows

Streamline AI workflows with Airbyte: load unstructured data into vector stores like Pinecone, Weaviate, and Milvus. Supports RAG transformations with LangChain chunking and embeddings from OpenAI, Cohere, etc., all in one operation.

Move Large Volumes, Fast

Quickly get up and running with a 5-minute setup that enables both incremental and full refreshes for databases of any size, seamlessly scaling to handle large data volumes. Our optimized architecture overcomes performance bottlenecks, ensuring efficient data synchronization even as your datasets grow from gigabytes to petabytes.

An Extensible Open-Source Standard

More than 1,000 developers contribute to Airbyte’s connectors, different interfaces (UI, API, Terraform Provider, Python Library), and integrations with the rest of the stack. Airbyte’s AI Connector Builder lets you edit or add new connectors in minutes.

Full Control & Security

Airbyte secures your data with cloud-hosted, self-hosted or hybrid deployment options. Single Sign-On (SSO) and Role-Based Access Control (RBAC) ensure only authorized users have access with the right permissions. Airbyte acts as a HIPAA conduit and supports compliance with CCPA, GDPR, and SOC2.

Fully Featured & Integrated

Airbyte automates schema evolution for seamless data flow, and utilizes efficient Change Data Capture (CDC) for real-time updates. Select only the columns you need, and leverage our dbt integration for powerful data transformations.

Enterprise Support with SLAs

Airbyte Self-Managed Enterprise comes with dedicated support and guaranteed service level agreements (SLAs), ensuring that your data movement infrastructure remains reliable and performant, and expert assistance is available when needed.

What our users say

Raman Singh

Tech Lead at Symend

Predictable, straightforward pricing model that simplified budgeting and significantly reduced overall spend

Learn more
Chase Zieman headshot

Chase Zieman

Chief Data Officer

“Airbyte helped us accelerate our progress by years, compared to our competitors. We don’t need to worry about connectors and focus on creating value for our users instead of building infrastructure. That’s priceless. The time and energy saved allows us to disrupt and grow faster.”

Learn more

Rupak Patel

Operational Intelligence Manager

"With Airbyte, we could just push a few buttons, allow API access, and bring all the data into Google BigQuery. By blending all the different marketing data sources, we can gain valuable insights."

Learn more

How to Sync to Manually

Step 1: Set Up AWS CloudTrail Logging

Begin by ensuring that AWS CloudTrail is properly configured to log events. Navigate to the AWS CloudTrail console, and create or verify an existing trail that logs management and data events. Ensure that the trail is set to deliver logs to an S3 bucket. This S3 bucket will serve as the source of the CloudTrail logs.

Step 2: Configure S3 Bucket for Log Storage

Set up an S3 bucket to store CloudTrail logs. Ensure correct permissions are in place so that CloudTrail can write logs to this bucket. You may need to set up an S3 bucket policy that allows CloudTrail to perform necessary actions like `s3:PutObject`.

Step 3: Set Up AWS Identity and Access Management (IAM) Roles

Create an IAM role with permissions to read from your S3 bucket. This role will be used later to access the logs when transferring data to ClickHouse. Make sure the role has the `s3:GetObject` permission for the S3 bucket containing the CloudTrail logs.

Step 4: Install and Configure AWS CLI

Install the AWS Command Line Interface (CLI) on your local machine or a server that will orchestrate the data transfer. Configure the CLI with the necessary credentials and region settings. Use the `aws configure` command to enter your AWS Access Key, Secret Key, and preferred region.

Step 5: Download CloudTrail Logs

Use the AWS CLI to download the CloudTrail logs from the S3 bucket to a local or intermediate storage. Execute a command like `aws s3 cp s3://your-cloudtrail-bucket/path/to/logs/ /local/path/ --recursive` to download logs recursively. This step ensures you have access to the raw log data for processing.

Step 6: Parse and Transform CloudTrail Logs

Develop a script or use a tool (like a Python script with the `json` module) to parse the JSON-formatted CloudTrail logs. Transform the data into a CSV format or another structured format that ClickHouse can ingest. Ensure the script extracts relevant fields and formats them correctly.

Step 7: Load Data into ClickHouse

Use ClickHouse's native tools to load the transformed data. You can use the `clickhouse-client` command-line tool to execute SQL queries that insert the data into your ClickHouse tables. For example, use `clickhouse-client --query="INSERT INTO your_table FORMAT CSV" < /path/to/transformed_data.csv` to load the data. Ensure that the ClickHouse table schema matches the structure of your transformed data.
By following these steps, you can successfully move data from AWS CloudTrail to a ClickHouse warehouse without relying on third-party connectors or integrations.