Stop sending events to CloudWatch Logs (console)Stop sending events to CloudWatch Logs (CLI)

Stopping CloudTrail from sending events to CloudWatch Logs

You can stop sending AWS CloudTrail events to Amazon CloudWatch Logs by updating a trail to disable CloudWatch Logs settings.

Stop sending events to CloudWatch Logs (console)

To stop sending CloudTrail events to CloudWatch Logs

Sign in to the AWS Management Console and open the CloudTrail console at https://console.aws.amazon.com/cloudtrail/.
In the navigation pane, choose Trails.
Choose the name of the trail for which you want to disable CloudWatch Logs integration.
In CloudWatch Logs, choose Edit.
Clear the Enabled check box.
Choose Save changes.

Stop sending events to CloudWatch Logs (CLI)

You can remove the CloudWatch Logs log group as a delivery endpoint by running the update-trail command. The following command clears the log group and role from the trail configuration by replacing the values for the log group ARN and CloudWatch Logs role ARN with empty values.


aws cloudtrail update-trail --name trail_name --cloud-watch-logs-log-group-arn="" --cloud-watch-logs-role-arn=""

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Creating CloudWatch alarms for CloudTrail events: examples

CloudWatch log group and log stream naming for CloudTrail