Logging Insights events with the CloudTrail console - AWS CloudTrail
Enabling CloudTrail Insights on an existing trail with the console
Services or capabilities described in AWS documentation might vary by Region. To see the differences applicable to the AWS European Sovereign Cloud Region, see the AWS European Sovereign Cloud User Guide.

Logging Insights events with the CloudTrail console

For more information about how to create a new trail to log Insights events, see Creating a trail with the console.

Enabling CloudTrail Insights on an existing trail with the console

Use the following procedure to enable CloudTrail Insights on an existing trail.

  1. In the left navigation pane of the CloudTrail console, open the Trails page, and choose a trail name.

  2. In Insights events, choose Edit.

    Note

    Additional charges apply for logging Insights events. For CloudTrail pricing, see AWS CloudTrail Pricing.

  3. In Event type, choose Insights events.

  4. In Insights events choose management events or data events

  5. Under Insights types, choose API call rate, API error rate, or both. Your trail must be logging Write management or data events to log Insights events for API call rate. Your trail must be logging Read or Write management or data to log Insights events for API error rate.

  6. Choose Save changes to save your changes.

CloudTrail may take up to 36 hours to begin delivering Insights events after you enable Insights events on a trail, provided that unusual activity is detected during that time.