Amazon WorkMail
Administrator Guide (Version 1.0)

Logging and Monitoring in Amazon WorkMail

Monitoring your email flow is important to maintaining the health of your Amazon WorkMail organization. Monitoring the email sending activity for your organization helps protect your domain reputation. Monitoring can also help you track emails that are sent and received. For more information about how to enable email event logging, see Tracking Messages.

AWS provides the following monitoring tools to watch Amazon WorkMail, report when something is wrong, and take automatic actions when appropriate:

  • Amazon CloudWatch monitors your AWS resources and the applications you run on AWS in real time. For example, when you enable email event logging for Amazon WorkMail, CloudWatch can track emails sent and received for your organization. For more information about monitoring Amazon WorkMail with CloudWatch, see Monitoring Amazon WorkMail with Amazon CloudWatch. For more information about CloudWatch, see the Amazon CloudWatch User Guide.

  • Amazon CloudWatch Logs enables you to monitor, store, and access your email event logs for Amazon WorkMail when email event logging is enabled in the Amazon WorkMail console. CloudWatch Logs can monitor information in the log files, and you can archive your log data in highly durable storage. For more information about tracking Amazon WorkMail messages using CloudWatch Logs, see Tracking Messages. For more information about CloudWatch Logs, see the Amazon CloudWatch Logs User Guide.

  • AWS CloudTrail captures API calls and related events made by or on behalf of your AWS account, and delivers the log files to an Amazon S3 bucket that you specify. You can identify which users and accounts called AWS, the source IP address from which the calls were made, and when the calls occurred. For more information, see Logging Amazon WorkMail API Calls with AWS CloudTrail.