PutInsightSelectors
Lets you enable Insights event logging by specifying the Insights
selectors that you want to enable on an existing trail. You also use
PutInsightSelectors
to turn off Insights event logging, by passing an empty list of insight types.
The valid Insights event types in this release are ApiErrorRateInsight
and ApiCallRateInsight
.
Request Syntax
{
"InsightSelectors": [
{
"InsightType": "string
"
}
],
"TrailName": "string
"
}
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- InsightSelectors
-
A JSON string that contains the insight types you want to log on a trail.
ApiCallRateInsight
andApiErrorRateInsight
are valid insight types.Type: Array of InsightSelector objects
Required: Yes
- TrailName
-
The name of the CloudTrail trail for which you want to change or add Insights selectors.
Type: String
Required: Yes
Response Syntax
{
"InsightSelectors": [
{
"InsightType": "string"
}
],
"TrailARN": "string"
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- InsightSelectors
-
A JSON string that contains the Insights event types that you want to log on a trail. The valid Insights types in this release are
ApiErrorRateInsight
andApiCallRateInsight
.Type: Array of InsightSelector objects
- TrailARN
-
The Amazon Resource Name (ARN) of a trail for which you want to change or add Insights selectors.
Type: String
Errors
For information about the errors that are common to all actions, see Common Errors.
- InsufficientEncryptionPolicyException
-
This exception is thrown when the policy on the S3 bucket or AWS KMS key is not sufficient.
HTTP Status Code: 400
- InsufficientS3BucketPolicyException
-
This exception is thrown when the policy on the S3 bucket is not sufficient.
HTTP Status Code: 400
- InvalidHomeRegionException
-
This exception is thrown when an operation is called on a trail from a region other than the region in which the trail was created.
HTTP Status Code: 400
- InvalidInsightSelectorsException
-
The formatting or syntax of the
InsightSelectors
JSON statement in yourPutInsightSelectors
orGetInsightSelectors
request is not valid, or the specified insight type in theInsightSelectors
statement is not a valid insight type.HTTP Status Code: 400
- InvalidTrailNameException
-
This exception is thrown when the provided trail name is not valid. Trail names must meet the following requirements:
-
Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
-
Start with a letter or number, and end with a letter or number
-
Be between 3 and 128 characters
-
Have no adjacent periods, underscores or dashes. Names like
my-_namespace
andmy--namespace
are not valid. -
Not be in IP address format (for example, 192.168.5.4)
HTTP Status Code: 400
-
- KmsException
-
This exception is thrown when there is an issue with the specified AWS KMS key and the trail can’t be updated.
HTTP Status Code: 400
- NotOrganizationMasterAccountException
-
This exception is thrown when the AWS account making the request to create or update an organization trail or event data store is not the management account for an organization in AWS Organizations. For more information, see Prepare For Creating a Trail For Your Organization or Create an event data store.
HTTP Status Code: 400
- OperationNotPermittedException
-
This exception is thrown when the requested operation is not permitted.
HTTP Status Code: 400
- S3BucketDoesNotExistException
-
This exception is thrown when the specified S3 bucket does not exist.
HTTP Status Code: 400
- TrailNotFoundException
-
This exception is thrown when the trail with the given name is not found.
HTTP Status Code: 400
- UnsupportedOperationException
-
This exception is thrown when the requested operation is not supported.
HTTP Status Code: 400
Examples
Example
The following example shows how to use Insight selectors to enable CloudTrail Insights on a trail named SampleTrail.
{ "InsightSelectors": '[{"InsightType": "ApiCallRateInsight"},{"InsightType": "ApiErrorRateInsight"}]', "TrailARN": "arn:aws:cloudtrail:us-east-2:123456789012:trail/SampleTrail" }
Example
The following example shows how to disable CloudTrail Insights on a trail named
SampleTrail. Disable Insights event collection by passing an empty string of insight
types ([ ]
).
{ "InsightSelectors": [ ], "TrailARN": "arn:aws:cloudtrail:us-east-2:123456789012:trail/SampleTrail" }
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: