AWS CloudTrail Reviews

Our company uses the solution to monitor cloud services. All cloud activities are stored in the solution. 

We check the solution's logs and compare them to CloudWatch. 

The solution is good as a central logging platform for showing all cloud events. For example, it records new users and their activities or events. When you open the solution, you get good details about what has been going on for the entire day. 

The auditing and compliance points of view are good. 

The solution should incorporate visibility for CloudWatch events so that one view includes everything across both products. 

The event capture timing should be reduced. Currently, you have to wait about 15 minutes after an event happens before you can view it in the log. 

I have been using the solution for four years. 

The stability is good and rated an eight out of ten. 

The scalability is rated an eight out of ten. 

Technical support is very responsive so is rated a nine out of ten. 

Positive

There is no setup because the solution's service is included with the AWS cloud. 

The solution is free if you don't need customizations but is not expensive otherwise. 

CyberArk is good at capturing events but the solution is pretty smart. It is difficult to compare the two products because both are good, scalable, and stable. 

The solution is a good, all-in-one product for logs, security, and compliance that are important in the cloud. Its logs automatically capture publishing, services, events, and anything you create in AWS. 

I rate the solution a nine out of ten. 

AWS CloudTrail is a service provider that enables complaints, operation auditing, and risk auditing for AWS accounts. CloudTrail logs API all across our AWS resources and maintains an event history for AWS accounts. The solution integrates with Amazon S3 buckets, and the logs are stored in the S3 buckets of our choice.

AWS CloudTrail integrates with AWS Config and provides custom event, security, and compliance auditing.

The solution's operation visibility could be improved.

I have been using AWS CloudTrail for more than one year.

AWS CloudTrail is a stable solution.

More than three people are using the solution in our organization.

I am happy with the solution’s technical support.

The solution’s initial setup is easy.

AWS CloudTrail is a cheap solution.

I would recommend the solution to other users. Using AWS CloudTrail has helped us better monitor our organization's operational health. The integration of AWS CloudTrail with other AWS services has helped configure the solution's settings, verify login, and monitor and analyze logs. It is easy for somebody to learn to use AWS CloudTrail for the first time.

Overall, I rate the solution ten out of ten.

We use it for auditing to ensure secure AWS environments. Most of our customers require FSA compliance, which necessitates proper logging and auditing. We've enabled CloudTrail for most services for this reason.

AWS CloudTrail helps in accelerating incident investigation and response. It increases it because I pull out the logs to CloudTrail, and from CloudTrail watch, I'll send it to the Security Hub and do a visualization with Prometheus and Grafana. 

Our software engineer can then visualize and perform a root cause analysis (RCA) of any issues that happen. So, it has accelerated both troubleshooting scenarios and proactive monitoring.

CloudTrail is invaluable for compliance, security, and auditing, especially during audits. It allows me to easily retrieve necessary details for our organization.

However, it does increase the security and compliance angle. This covers everything. For example, if we take a customer from a healthcare perspective, I have all the HIPAA-related compliance services to ensure I can meet those requirements. It's not a problem.

I like Active Directory group policy auditing. If enabled, I receive automatic notifications when someone changes a password, eliminating the need to manually check Active Directory for these events.

It's getting better, but it's not perfect because technology landscapes and use cases constantly evolve. There's a lot happening, so it's not perfect. It's improving.

It is a very stable product. I have not faced any issues in the cloud environment. 

Anyone in our organization using AWS will be using CloudTrail. Security is built into our DNS, it doesn't separate.

So, there are about 40 to 45 end users. 

In the initial stages, when I faced challenges, I used to contact support very frequently. 

However, once I started using CloudTrail for all accounts and became familiar with it, I was able to handle most configuration aspects from a CloudTrail standpoint without needing much assistance from AWS support.

The initial setu is easy. There is a lot of documentation available on the AWS website. I can easily refer to that if I get stuck anywhere. 

Plus, there's a great community available. If I just post a question there, I'm happy to get all the details. 

Whether I was stuck, the community, all the documentation, or white papers provided me with the right solutions and answers. So there were no deployment roadblocks for me.

CloudTrail is a native AWS service, so on-premises deployment isn't possible.

It is a very cheap service because management is a SaaS offering from AWS.

The cost depends on how many files you enable, but it's very compatible with other AWS tools.

My advice depends on whether you're a BFSA customer or a healthcare customer. Specific parameters need to be enabled based on your industry. With that configuration, you'll be able to trigger notifications and pull out data.  

Overall, I would rate the solution an eight out of ten because when you consider all business sectors like healthcare, shipping, retail, manufacturing, and research & development, each generates different types of files and events.  

Whenever we need to find out who made the API call or who terminated the instance or service. AWS CloudTrail was really helpful for me to figure out who the user is and who has triggered the action or made the API call. It helps find who terminated an instance or service. The tool was very helpful for me. I always check my CloudTrail logs and by username, and I could find a lot of helpful information.

It would be good if we were able to integrate with other services as well. From what I am aware of, we do the monitoring. We can integrate AWS CloudTrail with CloudWatch, Amazon Athena, and EventBridge. If we can integrate AWS CloudTrail with more services, then it can be a more helpful product for the organization.

I have been using AWS CloudTrail for years. I am a customer and user of Amazon tools.

From a scalability point of view, the tool has no issue, and it is completely fine. Scalability-wise, I rate the solution a nine out of ten.

The tool has been set up and integrated with our company's services, so it exists in the cloud environment. Whoever has access to the cloud, mainly the DevOps team uses AWS CloudTrail to identify or zero down the event or the user who made the API call. The DevOps team mostly uses the tool to manage the cloud environment.

I have used AWS CloudFormation.

The product's initial setup phase is not pretty straightforward. I will say that the setup phase is a little bit complex. You should have some knowledge when you are setting up AWS CloudTrail. On a scale of one to ten, I would rate the setup phase a six for the visibility.

From the time perspective, it doesn't take much time if you are aware of how to set up the tool, as it is quite a fast process and can be done in very less time.

AWS CloudTrail's most valuable feature in enhancing your compliance audit is that it gives me the ability to search for users who have made different API calls, which is something I find really helpful in AWS in most cases. I searched for the user who made that API call or identified it easily by using the search feature in AWS CloudTrail.

My company has integrated AWS CloudTrail with Amazon EventBridge and Amazon Athena. When we integrated AWS CloudTrail with Amazon Athena, we could easily enhance our analysis. For example, if I want to identify the trend and isolate some activity by attribute or source IP address, then I will use CloudTrail logs integrated with Amazon Athena. I could easily isolate activities associated with the source IP address.

The tool is easy to use, and I rate it seven out of ten. You need to have some knowledge of AWS CloudTrail because you have to run some queries or filter the source IP address. You should have some knowledge about the tool.

I recommend the tool to others.

I have not used the tool's AI capabilities.

I rate the tool a nine out of ten.

It's like a native feature. It's like a single audit point for everything AWS. Any changes made by users or roles get saved in CloudTrail. It's gotta be enabled; it's the most important security feature on AWS.

Maybe if we could do direct queries on CloudTrail without needing to export it to Athena, that'd be great. 

I have been using it for three years now. 

It is a stable solution. AWS handles it well.

There are five to six admins using this solution, we don't have separate user groups.

It is a one-click deployment.

CloudTrail itself is free of cost. 

I'd advise to integrate it with your security solution and correlate logs across AWS. That's the single point to start understanding if your account is compromised. And always keep a backup of the logs.

And make sure those logs are kept in a separate AWS account from the main one. First thing any attacker would do is delete those logs to cover their tracks. Forensics becomes very tough without them.

Overall, I would rate the solution a ten out of ten.

We use the product for monitoring activities of AWS accounts in terms of operational review, governance, and compliance.

The product’s most valuable feature is monitoring. Changes in AWS account at the application and resource level are easily audited with cloudtrail.

The platform’s reporting log sheet feature could be more user-friendly.

We have been using AWS CloudTrail for three years now.

It is a stable product.

We have three administrators using AWS CloudTrail in our organization.

The initial setup is easy. It has default functionality for application and resource-level monitoring of databases.

I rate AWS CloudTrail an eight out of ten. I recommend the solution if you are auditing compliance and security for data usage.