Study Guides/AWS Cybersecurity Notes/Logging and Monitoring

From Cramsession
< Study Guides‎ | AWS Cybersecurity Notes
Revision as of 00:19, 26 May 2026 by Mflavell (talk | contribs) (Created page with "= Logging and Monitoring = The use of Cloud Watch is a important consideration - This can capture logs from AWS services and metrics to enable automation. Logging is of vital importance in diagnosis of security and performance issues in AWS. It is possible to capture all logs in an S3 bucket, however this comes with a condition: :The access logs for the logging S3 bucket cannot be stored inside itself. :You will therefore need a seperate bucket for storing your S3...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search
✍️ Verified Author: MflavellClick to view professional profile & credentials

Logging and Monitoring

The use of Cloud Watch is a important consideration - This can capture logs from AWS services and metrics to enable automation.


Logging is of vital importance in diagnosis of security and performance issues in AWS.


It is possible to capture all logs in an S3 bucket, however this comes with a condition:

The access logs for the logging S3 bucket cannot be stored inside itself.
You will therefore need a seperate bucket for storing your S3 logging access logs.
Access logging for the S3 logging bucket is highly recommended - an attacker may target logging to inject bad data or delete records.
Best practice is to create a access policy to ensure only the security team can read data from these buckets.


[Main Logging bucket]
          |
writes access logs to
          |
  [S3 logging bucket]
Retrieved from "https://cramsession.net/index.php?title=Study_Guides/AWS_Cybersecurity_Notes/Logging_and_Monitoring&oldid=1642"