AWS announces two AI-powered enhancements to AWS CloudTrail Lake, a managed data lake that helps you capture, immutably store, access, and analyze your activity logs, as well as AWS Config configuration items. These new capabilities simplify log analysis, enabling deeper insights and quicker investigations across your AWS environments:
AI-powered natural language query generation in CloudTrail Lake is now generally available in seven AWS Regions: Mumbai, N. Virginia, London, Tokyo, Oregon, Sydney, and Canada (Central). This feature allows you to ask questions about your AWS activity in plain English, without writing complex SQL queries. For example, you can ask, “Which API events failed in the last week due to missing permissions?” CloudTrail Lake then generates the corresponding SQL query, streamlining your analysis of AWS activity logs (management and data events).
AI-powered query result summarization is now available in preview in the N. Virginia, Oregon, and Tokyo Regions. This feature provides natural language summaries of your query results, regardless of whether the query was generated through the natural language query generation feature or manually written in SQL. This capability significantly reduces the time and effort required to extract meaningful insights from your AWS activity logs (management, data, and network activity events). For example, after running a query to find users with the most access denied requests, you can click “Summarize” to get a concise overview of the key findings.
Please note that running queries will incur CloudTrail Lake query charges. Refer to CloudTrail pricing for details. To learn more, visit the AWS CloudTrail documentation.
Source: Amazon AWS