user7455893
Reputation:
Parsing cloudtrail events in s3 bucket
I have enabled cloudtrail logging in s3 bucket. I am trying to use python sdk in order to parse all the logs in s3 bucket in order to isolate the RunInstance event. I have started with something like this :
def lambda_handler(event, context):
s3 = boto3.resource('s3')
bucket = s3.Bucket('eservice-aws-logging')
S3KeyPrefix='AWSLogs/********/CloudTrail/us-east-1/',
for obj in bucket.objects.all():
Is there a method in Python I can use in order to parse the logs and capture RunInstance events?
Upvotes: 3
Views: 1268
Answers (1)
franklinsijo
Reputation: 18270
You can read the content with
for obj in bucket.objects.all():
if S3KeyPrefix in obj.key:
content = obj.get()['Body'].read()
Once you have the content, parse it for the required events.
Upvotes: 1
Related Questions
- Access S3 event notification from within python in a Lambda container
- boto3 for cloudtrail lookupevents
- Using Event Data from S3 Trigger in AWS Lambda
- How to obtain bucket name from cloudwatch event?
- Not able to list the events. resource = list(event['detail']['requestParameters']['evaluations'])[0]
- Can we fetch AWS Cloudtrail logs using boto3 in python?
- Handling S3 Bucket Trigger Event in Lambda Using Python
- Parse CloudTrail logs with Python
- Extracting aws region from s3 event data in python (lambda)
- How to monitor a AWS S3 bucket with python using boto?