Get a DemoStart Free TrialSign In


Ship logs from CloudTrail to logstash

Send Your DataLogsAWSCloudTrail Guide

Follow this step by step guide to start sending data from your system to

Step 1 - Confirm S3 Bucket

Ensure your logs are being sent to an S3 bucket. The following guide from Amazon will help you achieve this if you are not doing this already:

Cloudtrail to S3

Step 2 - Ensure Adequate Bucket Permissions

The following permissions applied to the AWS IAM Policy being used:

  • s3:ListBucket to check if the S3 bucket exists and list objects in it.
  • s3:GetObject to check object metadata and download objects from S3 buckets.

Below is how your permissions should appear:

    "Version": "2012-10-17",
    "Statement": [
            "Sid": "SidID",
            "Effect": "Allow",
            "Action": [
            "Resource": [

Step 3 - Configure Logstash for Amazon Cloudtrail

To start sending logs and metrics from AWS to your Stack you need to configure an AWS Input on your Stack.

Go to Dashboard will verify your input before it is applied, we will contact you to confirm when this has been completed.

Step 4 - Check for your logs

Data should now have been sent to your Stack.

View my data

If you don't see logs take a look at How to diagnose no data in Stack below for how to diagnose common issues.

Step 5 - Cloudtrail Logging Overview

Sending data to from CloudTrail is an efficient process that ensures your AWS infrastructure remains secure and your logs are easily accessible for analysis. By configuring CloudTrail to forward logs to, you can gain deeper insights into your AWS environment, troubleshoot issues, and proactively detect and respond to security incidents. This approach complements the use of AWS Elastic Kubernetes Service (EKS) for container orchestration, as well as the efficient utilization of AWS Lambda for comprehensive log management. As part of's service for AWS logging, these integrations all work together in tandem.

Return to Search
Sign Up

© 2024 Ltd, All rights reserved.