Cloud logs

The Cloud Logs menu item allows you to access your cloud audit logs: AWS Cloudtrail, Azure Activity Log & GCP Audit Log. This enables you to analyze and investigate security events and activity seen in the logs.

  1. In the Lacework Console, navigate to Cloud Logs.

  2. Select AWS Cloudtrail.

    Lacework Cloud Logs

  3. In the Polygraph pane, select a time window where there are alerts.

    Lacework Cloud Logs Polygraph Alert

  4. Zoom and navigate to analyze the activity.

  5. Click on the nodes to access more information.

Challenge

Can you find AWS API error failures due to permission issues?