CloudTrail Partitioner
0
Free
This project sets up partitioned Athena tables for your CloudTrail logs and updates the partitions nightly. It is based on work by Alex Smolen in his post Partitioning CloudTrail Logs in Athena. You can immediately deploy the CDK app, but I recommend first running this manually to ensure everything is configured, and also because running it manually will (by default) create 90 days of partitions, whereas the nightly CDK will not run until 0600 UTC, and will only create partitions for the current day and tomorrow. Tables are created for each account as cloudtrail_000000000000 and also a view is created that unions all these tables. Related projects This project was based on work by Alex Smolen. This project works great for many, but at enough scale (roughly 100GB of Cloudtrail logs), the way in which Athena is used with this project runs into problems. For this and other reasons, Alex released a new project cloudtrail-parquet-glue which is described in his post Use AWS Glue to make Cloudtrail Parquet partitions and resolves issues #13 and #14 with this project. Setup.
FEATURES
The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.
ALTERNATIVES
A collection of tools to debug and inspect Kubernetes resources and applications, managing eBPF programs execution and mapping kernel primitives to Kubernetes resources.
Free
Detect off-instance key usage in AWS by analyzing CloudTrail files locally.
Free
A Lambda Function that disables AWS IAM User Access Keys after a set amount of time to reduce the risk associated with old access keys.
Free
A collection of tools for forensics teams to collect evidence from cloud platforms
Free
An open-source security tool for AWS, Azure, Google Cloud, and Kubernetes security assessments and audits.
Free
Azure Guardrails enables rapid enforcement of cloud security guardrails by generating Terraform files for Azure Policy Initiatives.
Free
LogRhythm SIEM is a comprehensive security information and event management platform that collects, analyzes, and responds to security events across an organization's IT infrastructure.
Commercial
A fully managed service that securely stores, rotates, and manages sensitive data such as database credentials and API keys.
Free
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security