Background/Challenge
AWS CloudTrail logs capture a comprehensive history of API calls made within an AWS account, providing valuable information about who accessed what resources and when. However, these logs can be overwhelming to analyze manually due to their volume and complexity. Security teams need an efficient way to:
- Identify unusual access patterns
- Detect potential security threats
- Understand resource usage patterns
- Generate human-readable reports from technical log data
My approach combines AWS native services with generative AI to transform raw log data into actionable security insights. By leveraging the power of Amazon Bedrock and the Strands Agent framework, I have created a scalable, automated system that significantly reduces the manual effort required for CloudTrail analysis while providing more comprehensive results than traditional methods.
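To make the "who accessed what and when" view and the detection goals above concrete, here is an added example (not code from the original post or from the Bedrock/Strands system it describes) that loads a constructed CloudTrail-format record set, summarizes activity per principal and flags two simple patterns: a burst of AccessDenied responses from one principal and a console login without MFA. The record values, IP addresses and the denied-call threshold are assumptions.

```python
import json
from collections import Counter, defaultdict

def _rec(time, source, name, user, ip, **extra):
    """Build one record in CloudTrail's JSON shape (constructed sample, not real log data)."""
    rec = {"eventTime": time, "eventSource": source, "eventName": name,
           "userIdentity": {"type": "IAMUser", "userName": user}, "sourceIPAddress": ip}
    rec.update(extra)
    return rec

# Constructed CloudTrail-style file (not real data): one normal S3 read, a burst of denied
# IAM/STS calls from one user, and a console login without MFA. IPs are documentation ranges.
SAMPLE_LOG = json.dumps({"Records": [
    _rec("2024-05-01T10:00:00Z", "s3.amazonaws.com", "GetObject", "alice", "203.0.113.5"),
    _rec("2024-05-01T10:01:00Z", "iam.amazonaws.com", "ListUsers", "bob", "198.51.100.7", errorCode="AccessDenied"),
    _rec("2024-05-01T10:01:05Z", "iam.amazonaws.com", "ListRoles", "bob", "198.51.100.7", errorCode="AccessDenied"),
    _rec("2024-05-01T10:01:10Z", "sts.amazonaws.com", "GetCallerIdentity", "bob", "198.51.100.7", errorCode="AccessDenied"),
    _rec("2024-05-01T10:05:00Z", "signin.amazonaws.com", "ConsoleLogin", "carol", "192.0.2.9",
         additionalEventData={"MFAUsed": "No"}),
]})

def load_records(raw_json):
    """CloudTrail delivers log files as {"Records": [...]}; return the record list."""
    return json.loads(raw_json)["Records"]

def actor(rec):
    """Best-effort principal name: IAM user name, else ARN, else identity type."""
    ident = rec.get("userIdentity", {})
    return ident.get("userName") or ident.get("arn") or ident.get("type", "unknown")

def summarize(records):
    """Per-principal count of (service, API) calls: the 'who accessed what' view."""
    summary = defaultdict(Counter)
    for rec in records:
        summary[actor(rec)][(rec["eventSource"], rec["eventName"])] += 1
    return summary

def find_anomalies(records, denied_threshold=3):
    """Flag AccessDenied bursts per principal and console logins without MFA (threshold is an assumed starting point)."""
    denied = Counter()
    findings = []
    for rec in records:
        if rec.get("errorCode") == "AccessDenied":
            denied[actor(rec)] += 1
        if rec.get("eventName") == "ConsoleLogin" and rec.get("additionalEventData", {}).get("MFAUsed") == "No":
            findings.append(f"{actor(rec)}: console login without MFA from {rec['sourceIPAddress']}")
    for who, count in denied.items():
        if count >= denied_threshold:
            findings.append(f"{who}: {count} AccessDenied responses (possible permission probing)")
    return findings
```

The same two functions run unchanged over records read from a real CloudTrail file in S3; the findings list is the kind of compact, structured input an LLM summarization step can turn into a readable report.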