AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
Lets you enable Insights event logging by specifying the Insights selectors that you
want to enable on an existing trail or event data store. You also use PutInsightSelectors
to turn off Insights event logging, by passing an empty list of Insights types. The
valid Insights event types are ApiErrorRateInsight and ApiCallRateInsight.
To enable Insights on an event data store, you must specify the ARNs (or ID suffix
of the ARNs) for the source event data store (EventDataStore) and the destination
event data store (InsightsDestination). The source event data store logs management
events and enables Insights. The destination event data store logs Insights events
based upon the management event activity of the source event data store. The source
and destination event data stores must belong to the same Amazon Web Services account.
To log Insights events for a trail, you must specify the name (TrailName) of
the CloudTrail trail for which you want to change or add Insights selectors.
To log CloudTrail Insights events on API call volume, the trail or event data store
must log write management events. To log CloudTrail Insights events on API
error rate, the trail or event data store must log read or write management
events. You can call GetEventSelectors on a trail to check whether the trail
logs management events. You can call GetEventDataStore on an event data store
to check whether the event data store logs management events.
For more information, see Logging CloudTrail Insights events in the CloudTrail User Guide.
This is an asynchronous operation using the standard naming convention for .NET 4.5 or higher. For .NET 3.5 the operation is implemented as a pair of methods using the standard naming convention of BeginPutInsightSelectors and EndPutInsightSelectors.
Namespace: Amazon.CloudTrail
Assembly: AWSSDK.CloudTrail.dll
Version: 3.x.y.z
public abstract Task<PutInsightSelectorsResponse> PutInsightSelectorsAsync( PutInsightSelectorsRequest request, CancellationToken cancellationToken )
Container for the necessary parameters to execute the PutInsightSelectors service method.
A cancellation token that can be used by other objects or threads to receive notice of cancellation.
| Exception | Condition |
|---|---|
| CloudTrailARNInvalidException | This exception is thrown when an operation is called with an ARN that is not valid. The following is the format of a trail ARN: arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail The following is the format of an event data store ARN: arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE The following is the format of a channel ARN: arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890 |
| InsufficientEncryptionPolicyException | This exception is thrown when the policy on the S3 bucket or KMS key does not have sufficient permissions for the operation. |
| InsufficientS3BucketPolicyException | This exception is thrown when the policy on the S3 bucket is not sufficient. |
| InvalidHomeRegionException | This exception is thrown when an operation is called on a trail from a Region other than the Region in which the trail was created. |
| InvalidInsightSelectorsException | For PutInsightSelectors, this exception is thrown when the formatting or syntax of the InsightSelectors JSON statement is not valid, or the specified InsightType in the InsightSelectors statement is not valid. Valid values for InsightType are ApiCallRateInsight and ApiErrorRateInsight. To enable Insights on an event data store, the destination event data store specified by the InsightsDestination parameter must log Insights events and the source event data store specified by the EventDataStore parameter must log management events. For UpdateEventDataStore, this exception is thrown if Insights are enabled on the event data store and the updated advanced event selectors are not compatible with the configured InsightSelectors. If the InsightSelectors includes an InsightType of ApiCallRateInsight, the source event data store must log write management events. If the InsightSelectors includes an InsightType of ApiErrorRateInsight, the source event data store must log management events. |
| InvalidParameterCombinationException | This exception is thrown when the combination of parameters provided is not valid. |
| InvalidParameterException | The request includes a parameter that is not valid. |
| InvalidTrailNameException | This exception is thrown when the provided trail name is not valid. Trail names must meet the following requirements: Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-) Start with a letter or number, and end with a letter or number Be between 3 and 128 characters Have no adjacent periods, underscores or dashes. Names like my-_namespace and my--namespace are not valid. Not be in IP address format (for example, 192.168.5.4) |
| KmsException | This exception is thrown when there is an issue with the specified KMS key and the trail or event data store can't be updated. |
| NoManagementAccountSLRExistsException | This exception is thrown when the management account does not have a service-linked role. |
| NotOrganizationMasterAccountException | This exception is thrown when the Amazon Web Services account making the request to create or update an organization trail or event data store is not the management account for an organization in Organizations. For more information, see Prepare For Creating a Trail For Your Organization or Create an event data store. |
| OperationNotPermittedException | This exception is thrown when the requested operation is not permitted. |
| S3BucketDoesNotExistException | This exception is thrown when the specified S3 bucket does not exist. |
| ThrottlingException | This exception is thrown when the request rate exceeds the limit. |
| TrailNotFoundException | This exception is thrown when the trail with the given name is not found. |
| UnsupportedOperationException | This exception is thrown when the requested operation is not supported. |
.NET Core App:
Supported in: 3.1
.NET Standard:
Supported in: 2.0
.NET Framework:
Supported in: 4.5