CloudTrail / Client / get_insight_selectors



Describes the settings for the Insights event selectors that you configured for your trail. GetInsightSelectors shows if CloudTrail Insights event logging is enabled on the trail, and if it is, which insight types are enabled. If you run GetInsightSelectors on a trail that does not have Insights events enabled, the operation throws the exception InsightNotEnabledException

For more information, see Logging CloudTrail Insights Events for Trails in the CloudTrail User Guide.

See also: AWS API Documentation

Request Syntax

response = client.get_insight_selectors(

TrailName (string) –


Specifies the name of the trail or trail ARN. If you specify a trail name, the string must meet the following requirements:

  • Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)

  • Start with a letter or number, and end with a letter or number

  • Be between 3 and 128 characters

  • Have no adjacent periods, underscores or dashes. Names like my-_namespace and my--namespace are not valid.

  • Not be in IP address format (for example,

If you specify a trail ARN, it must be in the format:


Return type:



Response Syntax

    'TrailARN': 'string',
    'InsightSelectors': [
            'InsightType': 'ApiCallRateInsight'|'ApiErrorRateInsight'

Response Structure

  • (dict) –

    • TrailARN (string) –

      The Amazon Resource Name (ARN) of a trail for which you want to get Insights selectors.

    • InsightSelectors (list) –

      A JSON string that contains the insight types you want to log on a trail. In this release, ApiErrorRateInsight and ApiCallRateInsight are supported as insight types.

      • (dict) –

        A JSON string that contains a list of Insights types that are logged on a trail.

        • InsightType (string) –

          The type of Insights events to log on a trail. ApiCallRateInsight and ApiErrorRateInsight are valid Insight types.

          The ApiCallRateInsight Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.

          The ApiErrorRateInsight Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.


  • CloudTrail.Client.exceptions.TrailNotFoundException

  • CloudTrail.Client.exceptions.InvalidTrailNameException

  • CloudTrail.Client.exceptions.CloudTrailARNInvalidException

  • CloudTrail.Client.exceptions.UnsupportedOperationException

  • CloudTrail.Client.exceptions.OperationNotPermittedException

  • CloudTrail.Client.exceptions.InsightNotEnabledException

  • CloudTrail.Client.exceptions.NoManagementAccountSLRExistsException

  • CloudTrail.Client.exceptions.ThrottlingException