A key pair has been deleted by removing the public key from the EC2. With advanced event selectors, you can include or exclude values on fields such as EventSource, EventName, and ResourceARN. A Read Replica instance became a standalone instance. Events (represented as small blobs of JSON) are generated in four ways. Introduction Amazon Redshift is a fully managed, petabyte-scale data warehouse service in the cloud. record of actions taken by a user, role, or an AWS service in Amazon Redshift Data A managed policy has been added to an IAM user. An account can no longer restore a Redshift snapshot. New Relic's AWS CloudTrail integration collects events that represent errors and AWS console logins. A customer gateway has been deleted. Published 7 days ago. "US East" in the below example) Configuring Amazon CloudTrail. When search, and download recent events in your AWS account. An Elastic Beanstalk environment has been created. An Instance has been launched. Monitoring for both performance and security is top of mind for security analysts, and out-of-the-box tools from cloud server providers are hardly adequate to gain the level of visibility needed to make data-driven decisions. A new virtual MFA device has been created for the AWS account. Amazon ECS Container & Task State Changes ... Amazon SQS. You can still access older information with the, The Delivery Channel for a Config Rule has been deleted. A managed policy has been removed from an IAM group. The CloudTrail data source currently translates the event name for the following event types supported by the Amazon SES API (https://docs.aws.amazon.com/redshift/latest/APIReference/Welcome.html). The role will not have had any policies attached if it was able to be deleted. RedShift is an OLAP type of DB. the documentation better. The most recent event is listed first. A network interface has been deleted. Event history simplifies security analysis, resource change tracking, and troubleshooting. If this is unexpected then this warrants further investigation as the contents will have been permanently lost. A hosted connection has been created and confirmed on an interconnect. This won't handle traffic until it has been confirmed at which point you should see a. For keeping an eye on EC2, organizations will often use a combination of CloudTrail and CloudWatch to keep an eye on events and performance respectively. Version 3.16.0. The replication configuration has been deleted from a bucket. Similar metadata to. Sumo Logic helps organizations gain better real-time visibility into their IT infrastructure. A policy for an IAM role has been added or updated. An inline policy for an IAM role has been deleted. A security group has been associated with a load balancer. $ terraform import aws_redshift_event_subscription.default redshift-event-sub A CIDR block has been associated with a subnet. A target has been deregistered. Following is the checklist around Redshift for security monitoring: Security Monitoring Checklist. If you've got a moment, please tell us how we can make A NAT gateway has been deleted which means the Elastic IP address will have been dissociated but not released from the account. AWS Lambda. A VPC connection between a virtual private gateway and a VPN customer gateway has been created. The gateway will have been detached beforehand (see. The source instance may have been running MySQL, MariaDB, Oracle or PostgreSQL - you can get more information. An Elastic Beanstalk environment has been updated.