ross-humphrey · January 13, 2020 16:39
diff --git a/cloudtrail-notex.txt b/cloudtrail-notex.txt
 Cloudtrail helps you enable governance, compliance and operational and risk auditing in your AWS account.

 Actions taken by a user,role or AWS service are recorded as events.
 Events include actions taken in the AWS management console, CLI, SDKs and APIs.

 Enabled by default. (Lasts 90 Days) 
 Review the event history, for an ongoing record of activity and events - create a trail.
 Visibility into AWS account activity is a key aspect of security and operational best practices. 

 Cloudtrail can be used to:
  > View
  > Search
  > Download
  > Archive
  > Analyze
  > Respond to account acitivity across AWS.
  
 > Enable CloudTrail insights to help you identify and respond to unusual activity.
 > Two types of Trail can be created:
  > Trail applies to one region
  > Trail that applies to all regions 
 > If you created an organization in AWS Organizations you can also create a trail that will log all events for all AWS accounts in that organization. (Org Trail)

 CloudTrail Events:
  > CloudTrail events are a record of activity in an AWS account. 
  > Not all AWS services generate events.
  
  What are management events?
    > Provide info about management operations performed on resources in AWS account. (A.K.A control plane operations)
    such as:
      > Configuring security
      > Registering devices
      > Configuring routing rules
      > Setting up logging
      
   What are data events?
    > Information about the resource operations performed on a resource.
    > Data plane operations
    > Often high volume activities
    such as:
      > S3 Object level API activity
      > AWS lambda function execution activity
      
   What are insights events?
    > Capture unusual activity in an AWS account. (when enabled)
    > Must be explicitly enabled
	Cloudtrail helps you enable governance, compliance and operational and risk auditing in your AWS account.

	Actions taken by a user,role or AWS service are recorded as events.
	Events include actions taken in the AWS management console, CLI, SDKs and APIs.

	Enabled by default. (Lasts 90 Days)
	Review the event history, for an ongoing record of activity and events - create a trail.
	Visibility into AWS account activity is a key aspect of security and operational best practices.

	Cloudtrail can be used to:
	> View
	> Search
	> Download
	> Archive
	> Analyze
	> Respond to account acitivity across AWS.

	> Enable CloudTrail insights to help you identify and respond to unusual activity.
	> Two types of Trail can be created:
	> Trail applies to one region
	> Trail that applies to all regions
	> If you created an organization in AWS Organizations you can also create a trail that will log all events for all AWS accounts in that organization. (Org Trail)

	CloudTrail Events:
	> CloudTrail events are a record of activity in an AWS account.
	> Not all AWS services generate events.

	What are management events?
	> Provide info about management operations performed on resources in AWS account. (A.K.A control plane operations)
	such as:
	> Configuring security
	> Registering devices
	> Configuring routing rules
	> Setting up logging

	What are data events?
	> Information about the resource operations performed on a resource.
	> Data plane operations
	> Often high volume activities
	such as:
	> S3 Object level API activity
	> AWS lambda function execution activity

	What are insights events?
	> Capture unusual activity in an AWS account. (when enabled)
	> Must be explicitly enabled