2021/11/16 - AWS CloudTrail - 2 updated api methods
Changes CloudTrail Insights now supports ApiErrorRateInsight, which enables customers to identify unusual activity in their AWS account based on API error codes and their rate.
{'InsightSelectors': {'InsightType': {'ApiErrorRateInsight'}}}
Describes the settings for the Insights event selectors that you configured for your trail. GetInsightSelectors shows if CloudTrail Insights event logging is enabled on the trail, and if it is, which insight types are enabled. If you run GetInsightSelectors on a trail that does not have Insights events enabled, the operation throws the exception InsightNotEnabledException
For more information, see Logging CloudTrail Insights Events for Trails in the CloudTrail User Guide .
See also: AWS API Documentation
Request Syntax
client.get_insight_selectors(
TrailName='string'
)
string
[REQUIRED]
Specifies the name of the trail or trail ARN. If you specify a trail name, the string must meet the following requirements:
Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
Start with a letter or number, and end with a letter or number
Be between 3 and 128 characters
Have no adjacent periods, underscores or dashes. Names like my-_namespace and my--namespace are not valid.
Not be in IP address format (for example, 192.168.5.4)
If you specify a trail ARN, it must be in the format:
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
dict
Response Syntax
{
'TrailARN': 'string',
'InsightSelectors': [
{
'InsightType': 'ApiCallRateInsight'|'ApiErrorRateInsight'
},
]
}
Response Structure
(dict) --
TrailARN (string) --
The Amazon Resource Name (ARN) of a trail for which you want to get Insights selectors.
InsightSelectors (list) --
A JSON string that contains the insight types you want to log on a trail. In this release, only ApiCallRateInsight is supported as an insight type.
(dict) --
A JSON string that contains a list of insight types that are logged on a trail.
InsightType (string) --
The type of Insights events to log on a trail. The valid Insights type in this release is ApiCallRateInsight .
{'InsightSelectors': {'InsightType': {'ApiErrorRateInsight'}}}
Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing trail. You also use PutInsightSelectors to turn off Insights event logging, by passing an empty list of insight types. The valid Insights event type in this release is ApiCallRateInsight .
See also: AWS API Documentation
Request Syntax
client.put_insight_selectors(
TrailName='string',
InsightSelectors=[
{
'InsightType': 'ApiCallRateInsight'|'ApiErrorRateInsight'
},
]
)
string
[REQUIRED]
The name of the CloudTrail trail for which you want to change or add Insights selectors.
list
[REQUIRED]
A JSON string that contains the Insights types that you want to log on a trail. The valid Insights type in this release is ApiCallRateInsight .
(dict) --
A JSON string that contains a list of insight types that are logged on a trail.
InsightType (string) --
The type of Insights events to log on a trail. The valid Insights type in this release is ApiCallRateInsight .
dict
Response Syntax
{
'TrailARN': 'string',
'InsightSelectors': [
{
'InsightType': 'ApiCallRateInsight'|'ApiErrorRateInsight'
},
]
}
Response Structure
(dict) --
TrailARN (string) --
The Amazon Resource Name (ARN) of a trail for which you want to change or add Insights selectors.
InsightSelectors (list) --
A JSON string that contains the Insights event types that you want to log on a trail. The valid Insights type in this release is ApiCallRateInsight .
(dict) --
A JSON string that contains a list of insight types that are logged on a trail.
InsightType (string) --
The type of Insights events to log on a trail. The valid Insights type in this release is ApiCallRateInsight .