CloudTrail / Client / put_insight_selectors
put_insight_selectors#
- CloudTrail.Client.put_insight_selectors(**kwargs)#
Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing trail or event data store. You also use
PutInsightSelectorsto turn off Insights event logging, by passing an empty list of Insights types. The valid Insights event types areApiErrorRateInsightandApiCallRateInsight.To enable Insights on an event data store, you must specify the ARNs (or ID suffix of the ARNs) for the source event data store (
EventDataStore) and the destination event data store (InsightsDestination). The source event data store logs management events and enables Insights. The destination event data store logs Insights events based upon the management event activity of the source event data store. The source and destination event data stores must belong to the same Amazon Web Services account.To log Insights events for a trail, you must specify the name (
TrailName) of the CloudTrail trail for which you want to change or add Insights selectors.To log CloudTrail Insights events on API call volume, the trail or event data store must log
writemanagement events. To log CloudTrail Insights events on API error rate, the trail or event data store must logreadorwritemanagement events. You can callGetEventSelectorson a trail to check whether the trail logs management events. You can callGetEventDataStoreon an event data store to check whether the event data store logs management events.For more information, see Logging CloudTrail Insights events in the CloudTrail User Guide.
See also: AWS API Documentation
Request Syntax
response = client.put_insight_selectors( TrailName='string', InsightSelectors=[ { 'InsightType': 'ApiCallRateInsight'|'ApiErrorRateInsight' }, ], EventDataStore='string', InsightsDestination='string' )
- Parameters:
TrailName (string) –
The name of the CloudTrail trail for which you want to change or add Insights selectors.
You cannot use this parameter with the
EventDataStoreandInsightsDestinationparameters.InsightSelectors (list) –
[REQUIRED]
A JSON string that contains the Insights types you want to log on a trail or event data store.
ApiCallRateInsightandApiErrorRateInsightare valid Insight types.The
ApiCallRateInsightInsights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.The
ApiErrorRateInsightInsights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.(dict) –
A JSON string that contains a list of Insights types that are logged on a trail or event data store.
InsightType (string) –
The type of Insights events to log on a trail or event data store.
ApiCallRateInsightandApiErrorRateInsightare valid Insight types.The
ApiCallRateInsightInsights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.The
ApiErrorRateInsightInsights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.
EventDataStore (string) –
The ARN (or ID suffix of the ARN) of the source event data store for which you want to change or add Insights selectors. To enable Insights on an event data store, you must provide both the
EventDataStoreandInsightsDestinationparameters.You cannot use this parameter with the
TrailNameparameter.InsightsDestination (string) –
The ARN (or ID suffix of the ARN) of the destination event data store that logs Insights events. To enable Insights on an event data store, you must provide both the
EventDataStoreandInsightsDestinationparameters.You cannot use this parameter with the
TrailNameparameter.
- Return type:
dict
- Returns:
Response Syntax
{ 'TrailARN': 'string', 'InsightSelectors': [ { 'InsightType': 'ApiCallRateInsight'|'ApiErrorRateInsight' }, ], 'EventDataStoreArn': 'string', 'InsightsDestination': 'string' }
Response Structure
(dict) –
TrailARN (string) –
The Amazon Resource Name (ARN) of a trail for which you want to change or add Insights selectors.
InsightSelectors (list) –
A JSON string that contains the Insights event types that you want to log on a trail or event data store. The valid Insights types are
ApiErrorRateInsightandApiCallRateInsight.(dict) –
A JSON string that contains a list of Insights types that are logged on a trail or event data store.
InsightType (string) –
The type of Insights events to log on a trail or event data store.
ApiCallRateInsightandApiErrorRateInsightare valid Insight types.The
ApiCallRateInsightInsights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.The
ApiErrorRateInsightInsights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.
EventDataStoreArn (string) –
The Amazon Resource Name (ARN) of the source event data store for which you want to change or add Insights selectors.
InsightsDestination (string) –
The ARN of the destination event data store that logs Insights events.
Exceptions
CloudTrail.Client.exceptions.InvalidParameterExceptionCloudTrail.Client.exceptions.InvalidParameterCombinationExceptionCloudTrail.Client.exceptions.TrailNotFoundExceptionCloudTrail.Client.exceptions.InvalidTrailNameExceptionCloudTrail.Client.exceptions.CloudTrailARNInvalidExceptionCloudTrail.Client.exceptions.InvalidHomeRegionExceptionCloudTrail.Client.exceptions.InvalidInsightSelectorsExceptionCloudTrail.Client.exceptions.InsufficientS3BucketPolicyExceptionCloudTrail.Client.exceptions.InsufficientEncryptionPolicyExceptionCloudTrail.Client.exceptions.S3BucketDoesNotExistExceptionCloudTrail.Client.exceptions.KmsExceptionCloudTrail.Client.exceptions.UnsupportedOperationExceptionCloudTrail.Client.exceptions.OperationNotPermittedExceptionCloudTrail.Client.exceptions.NotOrganizationMasterAccountExceptionCloudTrail.Client.exceptions.NoManagementAccountSLRExistsExceptionCloudTrail.Client.exceptions.ThrottlingException