s3:GetObject permissions for the required S3 bucket
Send your logs to an S3 bucket
Logz.io fetches your CloudTrail logs from an S3 bucket.
For help with setting up a new trail, see Overview for Creating a Trail from AWS.
Add the S3 bucket information
To use the S3 fetcher, fill out the S3 bucket information on the CloudTrail log shipping page. You must be logged in to Logz.io.
- S3 bucket: Name of the bucket
- Prefix: The directory where the logs are stored (AWSLogs/Account ID/CloudTrail)
- S3 access key and S3 secret key: Your S3 bucket credentials
Logz.io fetches logs that are generated after configuring an S3 bucket. Past logs are not sent to Logz.io.
Check Logz.io for your logs
Give your logs a few minutes to get from your system to ours, and then open Kibana.
If you still don’t see your logs, see log shipping troubleshooting.