Serverless App: AWS CloudTrail Log Analytics using Amazon Elasticsearch Service
Too Long; Didn't Read
In this article, I will talk about how you can build a <a href="https://hackernoon.com/tagged/serverless" target="_blank">Serverless</a> application using <a href="https://github.com/awslabs/serverless-application-model" target="_blank">AWS Serverless Application Model</a> (SAM) to perform log analytics on AWS <a href="https://aws.amazon.com/cloudtrail/" target="_blank">CloudTrail</a> data using <a href="https://aws.amazon.com/elasticsearch-service/" target="_blank">Amazon Elasticsearch Service</a>. The <a href="https://hackernoon.com/tagged/aws" target="_blank">AWS</a> Serverless Application will help you analyze <a href="https://hackernoon.com/tagged/aws" target="_blank">AWS</a> CloudTrail logs using Amazon Elasticsearch Service. The application creates a CloudTrail trail, sets log delivery to an S3 bucket that it creates, and configures SNS delivery whenever a CloudTrail log file has been written to S3. The app also creates an Amazon Elasticsearch domain and an AWS Lambda function, which is triggered by the SNS message, gets the S3 file location, reads the contents of the S3 file, and writes the data to Elasticsearch for analytics.
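The SNS-to-Elasticsearch path described above, sketched as an added example that is not the application's own code: it parses the CloudTrail SNS notification, decompresses a delivered log file, and builds the Elasticsearch `_bulk` body. The index name, the bucket check, the function names, and the sample data are assumptions; the caller is assumed to fetch the object from S3 and POST the body to the domain.

```python
import gzip
import json

INDEX = "cloudtrail"  # assumed index name, not taken from the article


def s3_locations(sns_event, expected_bucket):
    """Return (bucket, key) pairs named in a CloudTrail SNS notification."""
    found = []
    for rec in sns_event.get("Records", []):
        msg = json.loads(rec["Sns"]["Message"])
        bucket = msg.get("s3Bucket")
        # Only read from the trail's own bucket, never one named by the message alone.
        if bucket != expected_bucket:
            continue
        found += [(bucket, key) for key in msg.get("s3ObjectKey", [])]
    return found


def cloudtrail_records(gz_bytes):
    """Decompress one delivered log file and return its list of events."""
    return json.loads(gzip.decompress(gz_bytes)).get("Records", [])


def bulk_body(records, index=INDEX):
    """Build an Elasticsearch _bulk payload (NDJSON) from CloudTrail events.

    eventID is used as the document id, so a redelivered SNS message
    overwrites documents instead of duplicating them.
    """
    lines = []
    for ev in records:
        lines.append(json.dumps({"index": {"_index": index, "_id": ev["eventID"]}}))
        lines.append(json.dumps(ev))
    return "\n".join(lines) + "\n" if lines else ""


# Constructed sample data (not real account activity).
SAMPLE_EVENT = {"Records": [{"Sns": {"Message": json.dumps({
    "s3Bucket": "example-trail-bucket",
    "s3ObjectKey": ["AWSLogs/111122223333/CloudTrail/us-east-1/2018/01/01/sample.json.gz"],
})}}]}
SAMPLE_FILE = gzip.compress(json.dumps({"Records": [
    {"eventID": "e-1", "eventName": "ConsoleLogin", "eventSource": "signin.amazonaws.com"},
    {"eventID": "e-2", "eventName": "DeleteTrail", "eventSource": "cloudtrail.amazonaws.com"},
]}).encode())

if __name__ == "__main__":
    print(s3_locations(SAMPLE_EVENT, "example-trail-bucket"))
    print(bulk_body(cloudtrail_records(SAMPLE_FILE)), end="")
```

Older Elasticsearch versions also expect a `_type` in the action line or the request path.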