Incident response, logging, and monitoring in Amazon QuickSight
| Intended audience: System administrators and Amazon QuickSight administrators |
Amazon QuickSight is integrated with AWS CloudTrail. This service provides a record of actions taken by a user, role, or an AWS service in Amazon QuickSight. CloudTrail captures all API calls for Amazon QuickSight as events. The calls captured include some calls from the Amazon QuickSight console and all code calls to Amazon QuickSight API operations. If you create a trail, you can enable continuous delivery of CloudTrail events to an Amazon S3 bucket, including events for Amazon QuickSight. If you don't configure a trail, you can still view the most recent events in the CloudTrail console in Event history. Using the information collected by CloudTrail, you can determine the request that was made to Amazon QuickSight, the IP address from which the request was made, who made the request, when it was made, and additional details.
Amazon QuickSight doesn’t natively support alerting with Amazon CloudWatch or other external systems. However, it's possible to develop a custom solution to process CloudTrail logs.
Amazon QuickSight service status can be viewed on the Service Health Dashboard
By default, the log files delivered by CloudTrail to your bucket are encrypted by Amazon server-side encryption with Amazon S3-managed encryption keys (SSE-S3). To provide a security layer that is directly manageable, you can instead use server-side encryption with AWS KMS–managed keys (SSE-KMS) for your CloudTrail log files. Enabling server-side encryption encrypts the log files but not the digest files with SSE-KMS. Digest files are encrypted with Amazon S3-managed encryption keys (SSE-S3).
To learn more about CloudTrail, including how to configure and enable it, see the AWS CloudTrail User Guide.
Topics
