Monitoring Amazon Lookout for Equipment with AWS CloudTrail

Amazon Lookout for Equipment is integrated with AWS CloudTrail, a service that provides a record of actions taken by a user, role, or an AWS service in Amazon Lookout for Equipment. CloudTrail captures all API calls from Amazon Lookout for Equipment as events, including calls from the Amazon Lookout for Equipment console and from code calls to the Amazon Lookout for Equipment APIs. If you create a trail, you can enable continuous delivery of CloudTrail events to an Amazon Simple Storage Service (Amazon S3) bucket, including events for Amazon Lookout for Equipment. If you don't configure a trail, you can still view the most recent events in the CloudTrail console in Event history. Using the information collected by CloudTrail, you can determine the request that was made to Amazon Lookout for Equipment, the IP address from which the request was made, who made the request, when it was made, and additional details.

To learn more about CloudTrail, including how to configure and enable it, see the AWS CloudTrail User Guide.

Amazon Lookout for Equipment information in CloudTrail

CloudTrail is enabled on your AWS account when you create the account. When activity occurs in Amazon Lookout for Equipment, that activity is recorded in a CloudTrail event along with other AWS service events in the CloudTrail Event history. You can view, search, and download recent events in your AWS account. For more information, see Viewing Events with CloudTrail Event History.

For an ongoing record of events in your AWS account, including events for Amazon Lookout for Equipment, create a trail. A trail is a configuration that enables CloudTrail to deliver events as log files to a specified S3 bucket. By default, when you create a trail in the console, the trail applies to all AWS Regions. The trail logs events from all Regions in the AWS partition and delivers the log files to the S3 bucket that you specify. Additionally, you can configure other AWS services to further analyze and act upon the event data collected in CloudTrail logs. For more information, see:

CloudTrail logs all Amazon Lookout for Equipment actions. For example, calls to the StartDataIngestionJob, CreateModel, and CreateInferenceScheduler operations generate entries in the CloudTrail log files.

Every event or log entry contains information about who generated the request. For more information, see the CloudTrail userIdentity Element.

A trail is a configuration that enables delivery of events as log files to a specified S3 bucket. CloudTrail log files contain one or more log entries. An event represents a single request from any source and includes information about the requested action, the date and time of the action, request parameters, and so on. CloudTrail log files aren't an ordered stack trace of the public API calls, so they don't appear in any specific order.

The following example shows the log entry created by using the ListDatasets operation.

{
    "eventVersion": "1.05",
    "userIdentity": {
        "type": "AssumedRole | FederatedUser | IAMUser | Root | SAMLUser | WebIdentityUser",
        "principalId": "principal ID",
        "arn": "ARN",
        "accountId": "account ID",
        "accessKeyId": "access key",
        "sessionContext": {
            "sessionIssuer": {
                "type": "Role",
                "principalId": "principal ID",
                "arn": "ARN",
                "accountId": "account ID",
                "userName": "user name"
            },
            "attributes": {
                "mfaAuthenticated": "true | false",
                "creationDate": "timestamp"
            }
        }
    },
    "eventTime": "timestamp",
    "eventSource": "lookoutequipment.amazonaws.com",
    "eventName": "ListDatasets",
    "awsRegion": "region",
    "sourceIPAddress": "source IP address",
    "userAgent": "user agent",
    "requestParameters": null,
    "responseElements": null,
    "requestID": "request ID",
    "eventID": "event ID",
    "readOnly": "true | false",
    "eventType": "AwsApiCall",
    "recipientAccountId": "account id"
}

The following example shows the log entry created by using the DescribeDataset operation.

{
    "eventVersion": "1.05",
    "userIdentity": {
        "type": "AssumedRole | FederatedUser | IAMUser | Root | SAMLUser | WebIdentityUser",
        "principalId": "principal ID",
        "arn": "ARN",
        "accountId": "account ID",
        "accessKeyId": "access key",
        "sessionContext": {
            "sessionIssuer": {
                "type": "AssumedRole | FederatedUser | IAMUser | Root | SAMLUser | WebIdentityUser",
                "principalId": "principal ID",
                "arn": "ARN",
                "accountId": "account ID",
                "userName": "user name"
            },
            "attributes": {
                "mfaAuthenticated": "true | false",
                "creationDate": "timestamp"
            }
        }
    },
    "eventTime": "timestamp",
    "eventSource": "lookoutequipment.amazonaws.com",
    "eventName": "DescribeDataset",
    "awsRegion": "region",
    "sourceIPAddress": "source IP address",
    "userAgent": "user agent",
    "requestParameters": {
        "datasetName": "dataset name"
    },
    "responseElements": null,
    "requestID": "request ID",
    "eventID": "event ID",
    "readOnly": "true | false",
    "eventType": "AwsApiCall",
    "recipientAccountId": "account id"
}
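Because entries in a log file don't appear in any specific order, a review of Lookout for Equipment activity has to filter on eventSource and sort on eventTime itself. The following is an added example, not AWS code: it does that over a constructed log file and reports who made each call, from where, and whether the call was read-only. The account ID, ARNs, IP addresses, timestamps, and function names are all invented for illustration.

```python
import json

LOOKOUT_SOURCE = "lookoutequipment.amazonaws.com"

def make_event(name, time, identity, read_only, source=LOOKOUT_SOURCE, ip="198.51.100.7"):
    """Build one constructed CloudTrail record (all values are invented)."""
    return {"eventVersion": "1.05", "userIdentity": identity, "eventTime": time,
            "eventSource": source, "eventName": name, "sourceIPAddress": ip,
            "readOnly": read_only, "eventType": "AwsApiCall"}

ROLE = {"type": "AssumedRole",
        "arn": "arn:aws:sts::111122223333:assumed-role/MLOps/session1",
        "sessionContext": {"sessionIssuer": {"type": "Role",
                                             "arn": "arn:aws:iam::111122223333:role/MLOps"},
                           "attributes": {"mfaAuthenticated": "false"}}}
USER = {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/alice"}

# Constructed log file; records are deliberately out of time order.
SAMPLE_LOG = json.dumps({"Records": [
    make_event("CreateModel", "2023-01-10T12:05:00Z", ROLE, False),
    make_event("PutObject", "2023-01-10T12:01:00Z", USER, False, source="s3.amazonaws.com"),
    make_event("ListDatasets", "2023-01-10T11:58:00Z", USER, True),
    make_event("StartDataIngestionJob", "2023-01-10T12:00:00Z", ROLE, "false", ip="203.0.113.9"),
]})

def principal(identity):
    """For assumed roles report the issuing role; otherwise the caller ARN."""
    issuer = identity.get("sessionContext", {}).get("sessionIssuer", {})
    return issuer.get("arn") or identity.get("arn", "unknown")

def is_read_only(value):
    """readOnly may arrive as a JSON boolean or as the string 'true'/'false'."""
    return value is True or str(value).lower() == "true"

def lookout_timeline(log_text):
    """Return Lookout for Equipment events from one log file, sorted by eventTime."""
    records = json.loads(log_text).get("Records", [])
    events = [r for r in records if r.get("eventSource") == LOOKOUT_SOURCE]
    events.sort(key=lambda r: r["eventTime"])  # ISO 8601 UTC sorts lexicographically
    return [{"time": r["eventTime"], "action": r["eventName"],
             "who": principal(r.get("userIdentity", {})),
             "ip": r.get("sourceIPAddress"),
             "mutating": not is_read_only(r.get("readOnly"))} for r in events]

if __name__ == "__main__":
    for row in lookout_timeline(SAMPLE_LOG):
        print(row)
```

A record with no readOnly field is treated as mutating, so an incomplete entry is surfaced for review rather than skipped.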

Manual monitoring tools

Another important part of monitoring Amazon Lookout for Equipment involves manually monitoring those items that the CloudWatch alarms don't cover. The Amazon Lookout for Equipment, Amazon CloudWatch, AWS Trusted Advisor, and other AWS console dashboards provide an at-a-glance view of the state of your AWS environment.

  • The CloudWatch home page shows:

    • Current alarms and status

    • Graphs of alarms and resources

    • Service health status

    In addition, you can use CloudWatch to do the following:

    • Create customized dashboards to monitor the services you care about

    • Graph metric data to troubleshoot issues and discover trends

    • Search and browse all your AWS resource metrics

    • Create and edit alarms to be notified of problems

  • Trusted Advisor can help you monitor your AWS resources to improve performance, reliability, security, and cost effectiveness. Four Trusted Advisor checks are available to all users, and more than 50 checks are available to users with a Business or Enterprise support plan. For more information, see AWS Trusted Advisor.