How to Implement & Enable Logging Across AWS Services (Part 1 of 2)
This lesson is part 1 of a 2 part lesson series which focuses on a number of key AWS services and how they perform logging and monitoring across your environment. Being able to monitor data provides a number of key benefits to your organization, such as compliance, incident detection and resolution, trend analysis and much more! Collating data and statistics about your solutions running within AWS also provides the ability to optimize its performance. This series looks at how to implement, configure and deploy logging and monitoring mechanisms using the following AWS services and features
Part 1:
- Amazon CloudWatch - CloudWatch Monitoring Agent
- AWS CloudTrail Logs
- Monitoring CloudTrail Logs with CloudWatch Metric Filters
- Amazon S3 Access Logs
Part 2:
- Amazon CloudFront Access Logs
- VPC Flow Logs
- AWS Config Configuration History
- Filtering and searching data using Amazon Athena
The lesson for Part 2 can be found here
Learning Objectives
By the end of this lesson series you will be able to:
- Understand why and when you should enable logging of key services
- Configure logging to enhance incident resolution and security analysis
- Understand how to extract specific data from logging data sets
Intended Audience
The content of this lesson is centered around security and compliance. As a result, this lesson is beneficial to those who are in the roles or their equivalent of:
- Cloud Security Engineers
- Cloud Security Architects
- Cloud Administrators
- Cloud Support & Operations
- Compliance Managers
Prerequisites
This is an advanced level lesson series and so you should be familiar with the following services and understand their individual use case and feature sets.
- Amazon CloudWatch
- AWS CloudTrail
- Amazon EC2
- CloudFront
- Lambda
- AWS Config
- Amazon S3
- IAM
- EC2 Systems Manager (SSM)
Feedback
If you have thoughts or suggestions for this lesson, please contact Cloud Academy at platformsupport@qa.com.