AdvancedEventSelector
Advanced event selectors let you create fine-grained selectors for CloudTrail management and data events. They help you control costs by logging only those events that are important to you. For more information about advanced event selectors, see Logging management events and Logging data events in the AWS CloudTrail User Guide.
You cannot apply both event selectors and advanced event selectors to a trail.
Supported CloudTrail event record fields for management events
-
eventCategory(required) -
eventSource -
readOnly
Supported CloudTrail event record fields for data events
-
eventCategory(required) -
resources.type(required) -
readOnly -
eventName -
resources.ARN
Note
For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS, the only supported field is
eventCategory.
Contents
- FieldSelectors
-
Contains all selector statements in an advanced event selector.
Type: Array of AdvancedFieldSelector objects
Array Members: Minimum number of 1 item.
Required: Yes
- Name
-
An optional, descriptive name for an advanced event selector, such as "Log data events for only two S3 buckets".
Type: String
Length Constraints: Minimum length of 0. Maximum length of 1000.
Pattern:
.*Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
