You can integrate CloudTrail with your third-party log monitoring tools such as Loggly using the API automate trail creation for your organization, check the status of your trails, and control how administrators turn CloudTrail logging on and off.
By default, log files are encrypted using Amazon S3 server-side encryption (SSE). You can store your log files in your bucket for as long as you want. You can also define the Amazon S3 life cycle rules to archive or delete log files automatically.
You can create up to five trails for each region. After you create a trail, CloudTrail automatically starts logging API calls and related events in your account. To stop logging, you can turn off logging for the trail or delete it.