Module Values.PutEventSelectorsResponseSource

Configures event selectors (also referred to as basic event selectors) or advanced event selectors for your trail. You can use either AdvancedEventSelectors or EventSelectors, but not both. If you apply AdvancedEventSelectors to a trail, any existing EventSelectors are overwritten. You can use AdvancedEventSelectors to log management events, data events for all resource types, and network activity events. You can use EventSelectors to log management events and data events for the following resource types: AWS::DynamoDB::Table AWS::Lambda::Function AWS::S3::Object You can't use EventSelectors to log network activity events. If you want your trail to log Insights events, be sure the event selector or advanced event selector enables logging of the Insights event types you want configured for your trail. For more information about logging Insights events, see Working with CloudTrail Insights in the CloudTrail User Guide. By default, trails created without specific event selectors are configured to log all read and write management events, and no data events or network activity events. When an event occurs in your account, CloudTrail evaluates the event selectors or advanced event selectors in all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail doesn't log the event. Example You create an event selector for a trail and specify that you want to log write-only events. The EC2 GetConsoleOutput and RunInstances API operations occur in your account. CloudTrail evaluates whether the events match your event selectors. The RunInstances is a write-only event and it matches your event selector. The trail logs the event. The GetConsoleOutput is a read-only event that doesn't match your event selector. The trail doesn't log the event. The PutEventSelectors operation must be called from the Region in which the trail was created; otherwise, an InvalidHomeRegionException exception is thrown. You can configure up to five event selectors for each trail. You can add advanced event selectors, and conditions for your advanced event selectors, up to a maximum of 500 values for all conditions and selectors on a trail. For more information, see Logging management events, Logging data events, Logging network activity events, and Quotas in CloudTrail in the CloudTrail User Guide.

Sourcetype nonrec t = {
  1. trailARN : String_.t option;
    (*

    Specifies the ARN of the trail that was updated with event selectors. The following is the format of a trail ARN. arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail

    *)
  2. eventSelectors : EventSelectors.t option;
    (*

    Specifies the event selectors configured for your trail.

    *)
  3. advancedEventSelectors : AdvancedEventSelectors.t option;
    (*

    Specifies the advanced event selectors configured for your trail.

    *)
}
Sourcetype nonrec error = [
  1. | `CloudTrailARNInvalidException of CloudTrailARNInvalidException.t
  2. | `ConflictException of ConflictException.t
  3. | `InsufficientDependencyServiceAccessPermissionException of InsufficientDependencyServiceAccessPermissionException.t
  4. | `InvalidEventSelectorsException of InvalidEventSelectorsException.t
  5. | `InvalidHomeRegionException of InvalidHomeRegionException.t
  6. | `InvalidTrailNameException of InvalidTrailNameException.t
  7. | `NoManagementAccountSLRExistsException of NoManagementAccountSLRExistsException.t
  8. | `NotOrganizationMasterAccountException of NotOrganizationMasterAccountException.t
  9. | `OperationNotPermittedException of OperationNotPermittedException.t
  10. | `ThrottlingException of ThrottlingException.t
  11. | `TrailNotFoundException of TrailNotFoundException.t
  12. | `UnsupportedOperationException of UnsupportedOperationException.t
  13. | `Unknown_operation_error of string * string option
]
Sourceval make : ?trailARN:??? -> ?eventSelectors:??? -> ?advancedEventSelectors:??? -> unit -> t
Sourceval error_of_json : string -> Yojson.Safe.t -> [> `CloudTrailARNInvalidException of unit | `ConflictException of unit | `InsufficientDependencyServiceAccessPermissionException of unit | `InvalidEventSelectorsException of unit | `InvalidHomeRegionException of unit | `InvalidTrailNameException of unit | `NoManagementAccountSLRExistsException of unit | `NotOrganizationMasterAccountException of unit | `OperationNotPermittedException of unit | `ThrottlingException of unit | `TrailNotFoundException of unit | `Unknown_operation_error of string * string option | `UnsupportedOperationException of unit ]
Sourceval error_of_xml : string -> Awso.Xml.t -> [> `CloudTrailARNInvalidException of unit | `ConflictException of unit | `InsufficientDependencyServiceAccessPermissionException of unit | `InvalidEventSelectorsException of unit | `InvalidHomeRegionException of unit | `InvalidTrailNameException of unit | `NoManagementAccountSLRExistsException of unit | `NotOrganizationMasterAccountException of unit | `OperationNotPermittedException of unit | `ThrottlingException of unit | `TrailNotFoundException of unit | `Unknown_operation_error of string * string option | `UnsupportedOperationException of unit ]
Sourceval error_to_json : error -> Yojson.Safe.t
Sourceval to_value : t -> [> `Structure of (string * [> `List of [> `Structure of (string * [> `Boolean of Boolean.t | `Enum of string | `List of [> `String of String_.t | `Structure of (string * [> `List of [> `String of String_.t ] list | `String of String_.t ]) list ] list | `String of SelectorName.t ]) list ] list | `String of String_.t ]) list ]
Sourceval to_query : t -> Awso.Client.Query.t
Sourceval of_xml : Awso.Xml.t -> t
Sourceval of_string : string -> t
Sourceval of_json : Yojson.Safe.t -> t
Sourceval to_json : t -> Yojson.Safe.t