[AWS SAP] Architecture Patterns - Monitoring, Logging and Auditing
API activity must be captured from multiple accounts and stored in a central security account?
Use CloudTrail in each account to record API activity and use cross-account access to the security account to store the log files in a central S3 bucket.
Need to trace and debug application with distributed components?
Use AWS X-Ray to trace and debug the application.
CloudWatch Logs entries must be transformed with Lambda and then loaded into Amazon S3?
Configure a Kinesis Firehose destination, transform with Lambda and then load into an S3 bucket.
CloudWatch logs entries must be analyzed and stored centrally in a security account?
Use cross-account sharing and configure a Kinesis Data Stream in the security account to collect the log files, then use Lambda to analyze and store.
https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CrossAccountSubscriptions.html
Looks like both Kinesis Data Stream and Kinesis Firehose can do this.
Access auditing must be enabled and records must be stored for a minimum of 5 years. Any attempts to modify the log files must be identified?
Create a trail in CloudTrail that stores the data in an S3 bucket and enable log file integrity validation.
Need to stream logs from Amazon EC2 instances in an ASG?
Install the unified CloudWatch Agent and collect log files in Amazon CloudWatch.
Need to collect metrics from EC2 instances with a 1 second granularity?
Create a custom metric with high resolution.
The application logs from on-premises servers must be processed by AWS Lambda in real time?
Install the unified CloudWatch Agent on the servers and use a subscription filter in CloudWatch to connect to a Lambda function.