Home > database >  S3 Logs Details
S3 Logs Details

Time:02-03

Is there a way to see what actions the 'G2' IAM user is performing in S3, and which IP(s) they are running from? I have already enabled the logging of S3 actions.

One point I’m still not able to figure out is that when I’m trying to find logs in Cloud trail using an AWS access key or username in both cases, I’m getting results as No matches. But throughout the day that user (G2) interacts with S3, based on the times it seems like it is a CRON running on some server. How to identify it?

Is the CLI tool CloudTrail log will be helpful for my scenario? Can anyone help me with this?

CodePudding user response:

Yes, you can use CloudTrail logs:

https://docs.aws.amazon.com/AmazonS3/latest/userguide/cloudtrail-logging-s3-info.html

CodePudding user response:

To track API requests, you can use AWS CloudTrail to capture requests, including the user and IP address.

See: Logging Amazon S3 API calls using AWS CloudTrail - Amazon Simple Storage Service.

To track web requests, you can activate Server Access Logging, which is effectively a log file like a web server produces. It will track the IP address, but it can only identify authenticated users.

See Logging requests using server access logging - Amazon Simple Storage Service.

Page link:https//www.codepudding.com/database/287382.html

Prev:Delete Image on S3 bucket before uploading new image with the same name
Next:Boto3 and S3: For loop finishing after iterating through only 6 out of 200 S3 buckets in the list
  •  Tags:  
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding