AWS has upgraded CloudWatch to consolidate operational, security, and compliance logs from multiple accounts and sources into a unified platform. The new features support querying logs directly in Amazon S3 without ETL, making it easier for organizations to manage their log data while reducing costs and complexity. However, there are concerns about vendor lock-in as it ties users closely to the AWS ecosystem.

This article explains how to set up a centralized logging system for AWS CloudFormation StackSets across multiple accounts. It outlines the architecture, implementation steps, and monitoring capabilities to streamline deployment tracking and troubleshooting.

This article details Yelp's approach to handling S3 server access logs at scale. It discusses the challenges of logging, the benefits of object-level logging for debugging and security, and the architecture used to optimize log storage by converting them into a more efficient format.

AWS detection engineering practices were critically assessed after a breach simulation revealed undetected attacker persistence. The team rebuilt their detection capabilities by focusing on key log sources like CloudTrail, VPC Flow Logs, and GuardDuty, emphasizing the importance of correlation across these sources for effective threat detection.

The article discusses the concept of CloudTrail logging evasion in AWS, emphasizing the importance of policy size when creating effective logging mechanisms. It highlights how attackers can exploit insufficiently sized policies to avoid detection and the need for robust configurations to enhance security.

Preparing for cloud incidents requires a strategic approach to logging across major cloud providers. This article ranks essential logs for Microsoft, AWS, and Google Cloud, providing insights on their criticality for detecting and responding to security incidents, as well as real-life case studies illustrating their importance. Ensuring the right logs are enabled and retained is vital for effective incident response.

Pinterest's Big Data Platform team has developed Moka, a next-generation data processing platform deployed on AWS Elastic Kubernetes Service (EKS). The article outlines Moka's infrastructure, including its logging and observability strategies, which leverage tools like Fluent Bit for log management and Prometheus for metrics storage and monitoring. Key learnings and future directions for Moka's development are also discussed.