Varna is an AWS serverless cloud security tool designed to monitor and analyze CloudTrail logs for security events and anomalies. The tool operates as a Lambda function that processes CloudTrail logs stored in S3 buckets, using Event Query Language (EQL) to parse and analyze log data. When suspicious activities or security events are detected, Varna generates alerts that can be sent through multiple notification channels including Slack and email. The system utilizes DynamoDB to maintain a record of previously seen alerts, helping to reduce duplicate notifications and provide historical context. The web console interface allows users to search through past events and alerts, providing additional context for security investigations. Varna includes user authentication capabilities and stores detection rules in a dedicated rules folder. These rules are written in an accessible format that makes them easy to understand and modify. The tool is designed to ingest and process alerts as soon as CloudTrail data becomes available in S3, enabling near real-time security monitoring. The serverless architecture is designed to be cost-effective, with proper configuration typically resulting in monthly operational costs under $15. The tool provides quick deployment and setup processes for AWS environments.