Remediation item log Automated remediation execution log

Remediation logs in Trusted Remediator

Trusted Remediator creates logs in JSON format and uploads them to Amazon Simple Storage Service The log files are uploaded to an AMS created S3 bucket named ams-trusted-remediator-{your-account-id}-logs. AMS creates the S3 bucket in the Delegated Administrator account. You can import the log files into Amazon QuickSight to generate customized remediation reports. For more information, see Trusted Remediator integration with Amazon QuickSight.

Remediation logs are optional. To request creation of the S3 bucket and log creation, contact your CA or CSDM.

Remediation item log

Trusted Remediator creates the Remediation item log when a remediation OpsItem is created. This log contains manual remediation OpsItem and automated remediation OpsItem. You can use the Remediation item log to track the overview of all remediations.

Remediation item log location

s3://ams-trusted-remediator-delegated-administrator-account-id-logs/remediation_items/remediation creation time in yyyy-mm-dd format/10 digits epoch time or unix timestamp-Trusted Advisor check ID-Resource ID.json

Remediation item log sample file URL

s3:///ams-trusted-remediator-111122223333-logs/remediation_items/2023-02-06/1675660464-DAvU99Dc4C-vol-00bd8965660b4c16d.json

Remediation item log format


{
   "TrustedAdvisorCheckID": Trusted Advisor check ID,
   "TrustedAdvisorCheckName": Trusted Advisor check name,
   "TrustedAdvisorCheckResultTime": 10 digits epoch time or unix timestamp,
   "ResourceID": Resource ID,
   "RemediationTime": Remediation creation time,
   "ExecutionMode": Automated or Manual,
   "OpsItemID": OpsItem ID,
}

Remediation item log format sample content


{
    "TrustedAdvisorCheckID": "DAvU99Dc4C", 
    "TrustedAdvisorCheckName": "Underutilized Amazon EBS Volumes",
    "TrustedAdvisorCheckResultTime": 1675614749,
    "ResourceID": "vol-00bd8965660b4c16d",
    "RemediationTime": 1675660464,
    "OpsItemID": "oi-cca5df7af718"
}

Automated remediation execution log

Trusted Remediator creates the Automated remediation execution log when automated SSM document run is completed. This log contains SSM run details for automated remediation OpsItem only. You can use this log file to track automated remediations.

Automated remediation log location

s3://ams-trusted-remediator-delegated-administrator-account-id-logs//remediation_executions/remediation creation time in yyyy-mm-dd format/10 digits epoch time or unix timestamp-Trusted Advisor check ID-Resource ID.json

Automated remediation log location example

s3://ams-trusted-remediator-111122223333-logs/remediation_executions/2023-02-06/1675660573-DAvU99Dc4C-vol-00bd8965660b4c16d.json

Automated remediation log format


{
   "OpsItemID": OpsItem ID,
   "SSMExecutionID": SSM Execution ID,
   "SSMExecutionStatus": Success/Failed,       
 }

Automated remediation log format sample content


{
    "OpsItemID": "oi-767c77e05301",
    "SSMExecutionID": "93d091b2-778a-4cbc-b672-006954d76b86",
    "SSMExecutionStatus": "Success"
}

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Work with remediations

Integration with Amazon QuickSight