How to set up AWS CloudTrail tracing for CPM Issues

Background:
Sometimes, for complex CPM issues, Support will request that you enable AWS CloudTrail tracing to assist in determining the root cause of an issue. AWS CloudTrail is included in all AWS Services and does not require a separate installation. This component is designed to capture all API calls in AWS. The purpose of this document is to walk you through the steps to configure AWS CloudTrail and gather its tracing files.


The detailed steps are: 
1. Open and log in to the AWS Console, then select Services, search for CloudTrail, and select “CloudTrail”.

2. This opens the CloudTrail screen. Please press the Create Trail button.

3.  Please enter the following in the highlighted fields


Enter the Trail name: 
cpmcaptureapi



Please select YES under “Apply Trail to all regions” and set “Read/Write events” to ALL



4. Under Data Events, make sure that the S3 tab is selected.

5. Under Storage Location:  Select Add an S3 bucket

Select to create a new S3 Bucket by selecting "Yes"

In the “S3 Bucket” field, enter a unique bucket name. In this example, we named the bucket "cpmcaptureapi".

NOTE: Bucket names must be unique across all existing bucket names in Amazon S3.

6. Expand the Advanced section.

7. Enter a log prefix named “CPM”

NOTE: By default, the log location is /AWSLogs/%12 digit acct #%/CloudTrail/%AWS Region%

8. Under Encrypt log files with SSE-KMS, select Yes or No. If you select Yes, the option Create a new KMS key (Yes or No) is enabled.
If you select No, you can select the KMS key from the drop-down list. If you select Yes, give the new KMS key a name.

Optionally you can select to enable the following fields: 
Log File validation 
Send SNS notification for every log file delivery
Create a new SNS topic

9. Then please hit the Create button in the lower right-hand corner of the screen.

NOTE: The use of AWS CloudTrail may incur additional charges. For additional information on AWS costs associated with AWS CloudTrail, please see this link: https://aws.amazon.com/cloudtrail/pricing/


10. This brings you back to the trails screen and you should see the newly created CloudTrail listed.

11.  You should now be ready to reproduce the issue with CPM. 

12.  Once the issue is reproduced in CPM with AWS CloudTrail running, go back into AWS CloudTrail and select “Event History”


13. Select the “Download Events” button and select to download it in JSON format (please do not select CSV).



 You will see this progress screen



14. Please send us the events_history JSON file and a complete set of CPM logs.

Note: for details on gathering CPM Logs please review this technical document: 


IMPORTANT!
Remember to shut down the AWS CloudTrail logging once you have recreated the issue in N2WS Backup and Recovery to avoid additional AWS costs.
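
Before sending the file from steps 13 and 14, you can check that it covers the time you reproduced the issue and see which API calls failed. The script below is an added example, not part of the original article or of N2WS tooling. It assumes the downloaded file is JSON with a top-level "Records" array of CloudTrail event records; the sample events and timestamps are constructed.

```python
import json
from collections import Counter

# Constructed sample in the assumed shape of a downloaded event history file.
SAMPLE = """{"Records": [
 {"eventTime": "2024-01-01T10:00:05Z", "eventSource": "ec2.amazonaws.com",
  "eventName": "DescribeVolumes"},
 {"eventTime": "2024-01-01T10:00:09Z", "eventSource": "ec2.amazonaws.com",
  "eventName": "CreateSnapshot", "errorCode": "Client.UnauthorizedOperation"},
 {"eventTime": "2024-01-01T10:02:41Z", "eventSource": "ec2.amazonaws.com",
  "eventName": "CreateSnapshot", "errorCode": "Client.UnauthorizedOperation"},
 {"eventTime": "2024-01-01T11:45:00Z", "eventSource": "s3.amazonaws.com",
  "eventName": "PutObject", "errorCode": "AccessDenied"}
]}"""


def load_records(text):
    """Parse the download; fail clearly if it is not the expected JSON."""
    doc = json.loads(text)  # a CSV download raises ValueError here
    records = doc.get("Records") if isinstance(doc, dict) else None
    if not isinstance(records, list):
        raise ValueError("no top-level 'Records' array in file")
    return records


def summarize(records, start, end):
    """Return (number of events in window, Counter of failed calls).

    start/end are UTC strings like 2024-01-01T10:00:00Z; timestamps in
    this fixed format sort correctly when compared as plain strings.
    """
    in_window = [r for r in records
                 if start <= r.get("eventTime", "") <= end]
    failures = Counter(
        (r.get("eventSource"), r.get("eventName"), r["errorCode"])
        for r in in_window if r.get("errorCode"))
    return len(in_window), failures


if __name__ == "__main__":
    # Replace SAMPLE with open("<downloaded file>").read() for a real file.
    count, failures = summarize(load_records(SAMPLE),
                                "2024-01-01T10:00:00Z",
                                "2024-01-01T10:30:00Z")
    print(f"{count} events in reproduction window")
    for (source, name, code), n in failures.most_common():
        print(f"{n:4d}  {source}  {name}  {code}")
```

A count of zero events in the window means the issue was reproduced outside the period the file covers, so download the events again before sending.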