CloudAcademy
  1. Home
  2. Training Library
  3. Amazon Web Services
  4. Courses
  5. How to Implement & Enable Logging Across AWS Services (Part 1 of 2)

Introduction

The course is part of these learning paths

DevOps Engineer – Professional Certification Preparation for AWS
course-steps 35 certification 4 lab-steps 17 quiz-steps 2 description 3
SysOps Administrator – Associate Certification Preparation for AWS
course-steps 33 certification 4 lab-steps 30 quiz-steps 4 description 5
Security - Specialty Certification Preparation for AWS
course-steps 22 certification 2 lab-steps 12 quiz-steps 5
AWS Services Monitoring & Auditing
course-steps 6 certification 1 lab-steps 3 quiz-steps 2
more_horiz See 1 more

Contents

keyboard_tab
Introduction
Summary
play-arrow
Start course
Overview
DifficultyAdvanced
Duration1h 4m
Students477

Description

Course Description

This course is part 1 of a 2 part course series which focuses on a number of key AWS services and how they perform logging and monitoring across your environment.  Being able to monitor data provides a number of key benefits to your organization, such as compliance, incident detection and resolution, trend analysis and much more! Collating data and statistics about your solutions running within AWS also provides the ability to optimize it's performance.  This series looks at how to implement, configure and deploy logging and monitoring mechanisms using the following AWS services and features

Part 1: 

  • Amazon CloudWatch - CloudWatch Monitoring Agent
  • AWS CloudTrail Logs
  • Monitoring CloudTrail Logs with CloudWatch Metric Filters
  • Amazon S3 Access Logs

Part 2:

  • Amazon CloudFront Access Logs
  • VPC Flow Logs
  • AWS Config Configuration History 
  • Filtering and searching data using Amazon Athena

The course for Part 2 can be found here

Learning Objectives

By the end of this course series you will be able to:

  • Understand why and when you should enable logging of key services
  • Configure logging to enhance incident resolution and security analysis
  • Understand how to extract specific data from logging data sets

Intended Audience

The content of this course is centered around security and compliance. As a result, this course is beneficial to those who are in the roles or their equivalent of:

  • Cloud Security Engineers
  • Cloud Security Architects
  • Cloud Administrators
  • Cloud Support & Operations
  • Compliance Managers

Prerequisites

This is an advanced level course series and so you should be familiar with the following services and understand their individual use case and feature sets.

  • Amazon CloudWatch
  • AWS CloudTrail
  • Amazon EC2
  • CloudFront
  • Lambda
  • AWS Config
  • Amazon S3
  • IAM
  • EC2 Systems Manager (SSM)

This course includes

7 lectures

6 demonstrations

Feedback

If you have thoughts or suggestions for this course, please contact Cloud Academy at support@cloudacademy.com.

Transcript

Transcript

Hello and welcome to part one of this two part series of courses which has been designed to help you understand how AWS performs logging for a number of key services and how to use this data captured by the logs to resolve incidents and identify security threats. 

Before we start I would like to introduce myself. My name is Stuart Scott. I am one of the trainers here at Cloud Academy specializing in AWS Amazon Web Services. Feel free to connect with me with any questions using the details shown on screen. Alternatively you can always get in touch with us here at Cloud Academy by sending an email to support@cloudacademy.com where one of our cloud experts will reply to your question. 

The focus of this two part series is to understand the login process and how to monitor this data to your organization's benefit from both an operational and security perspective. As a result those who have the following or similar roles would benefit from this content: Cloud Security Engineer, Cloud Security Architect, Cloud Administrators, Cloud Support and Operations and Compliance Managers. 

Part one of this series is constructed of the following lectures. The Benefits of Logging. This lecture focuses on the core principle of why logging is important. CloudWatch Logs. Here we'll look at how to implement logging using CloudWatch Logs and the associated agent. Next I'll look at CloudTrail Logging and CloudTrail records all API calls. So here I explain how you can use these logs and how they are constructed. Next we'll be monitoring CloudTrail Logs, and here I look at how you can use CloudWatch to monitor CloudTrail events, and then finally in this course we look at S3 Access Logs, and this lecture focuses on the logging capabilities within S3 buckets. 

Part two of this series will continue the theme of logging across AWS services by explaining the following. CloudFront Logs, and here we'll look at how to log the request from each user requesting access to your website and distribution. Next I look at VPC Flow Logs, and this lecture focuses on how to look at the network data traversing your network interface cards within your VPC. Next is AWS Config Logging, and here I'll look at how AWS Config provides a timeline of changes against your AWS resources. And finally in Part two, I look at Filtering and Searching of Log Data, and this lecture looks at how to use Amazon Athena to query logs being stored on S3. 

The objectives of this series is to enable you to understand why and when you should enable logging of key services, how to configure logging to enhance incident resolution and security analysis, and you'll understand how to extract specific data from logging data sets. 

This is an advanced level course series, and so you should be familiar with the following services and understand the individual use cases and feature sets. Throughout this series I will reference a number of URL links which will help and direct you to related information on specific topics. To makes these links easily available to you I've included them at the top of the transcript within the lecture they are referenced. 

Feedback on our courses here at Cloud Academy are valuable to both us as trainers and any students looking to take the same course in the future. If you have any feedback positive or negative, it would be greatly appreciated if you could contact support@cloudacademy.com. 

That brings me to the end of this lecture. Coming up next I want to start off by looking at the different benefits that logging brings to your operational environment.

About the Author

Students44241
Labs1
Courses50
Learning paths31

Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data centre and network infrastructure design, to cloud architecture and implementation.

To date Stuart has created over 40 courses relating to Cloud, most within the AWS category with a heavy focus on security and compliance

He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.

In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.

Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.