CloudTrail is an auditing service that logs events corresponding to atomic interactions with the AWS infrastructure. A trail can be created to log all events across all regions in your AWS infrastructure, or to log events corresponding to only a single region. This service is enabled by default, and it stores events for the last 90 days.
To keep the events in a trail for longer than that, they can be written to log files and stored in an AWS S3 bucket. Each log file is a chunk of events that have taken place over the past five minutes. An event gets emitted approximately 15 minutes after it has occurred.
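The following is an added example, not from the original page: it reads gzip-compressed CloudTrail log files in the `Records` JSON layout and reports which regions contributed events, the widest time span inside a single file, and when the newest event can be expected in the bucket given the roughly 15-minute delay. The sample files, the expected-region list and the helper names are constructed for illustration.

```python
import gzip
import json
from collections import Counter
from datetime import datetime, timedelta, timezone

DELIVERY_DELAY = timedelta(minutes=15)  # approximate delay stated in the text


def make_log_file(region, events):
    """Build a constructed, gzip-compressed log file for one region."""
    records = [{"eventTime": t, "awsRegion": region, "eventSource": src, "eventName": name}
               for t, src, name in events]
    return gzip.compress(json.dumps({"Records": records}).encode())


# Constructed sample data (made-up activity), one log file per region.
SAMPLE_FILES = [
    make_log_file("us-east-1", [("2024-05-01T12:00:10Z", "iam.amazonaws.com", "CreateUser"),
                                ("2024-05-01T12:01:45Z", "s3.amazonaws.com", "PutBucketPolicy"),
                                ("2024-05-01T12:04:50Z", "sts.amazonaws.com", "AssumeRole")]),
    make_log_file("eu-west-1", [("2024-05-01T12:03:30Z", "ec2.amazonaws.com", "RunInstances")]),
]


def parse_time(value):
    """Parse a CloudTrail eventTime (UTC, ISO 8601 with a trailing Z)."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def summarize(files):
    """Summarize log files: event count, regions seen, widest per-file span."""
    regions, spans, latest = Counter(), [], None
    for blob in files:
        records = json.loads(gzip.decompress(blob)).get("Records", [])
        if not records:  # an empty file contributes nothing
            continue
        times = sorted(parse_time(r["eventTime"]) for r in records)
        regions.update(r["awsRegion"] for r in records)
        spans.append(times[-1] - times[0])
        latest = times[-1] if latest is None else max(latest, times[-1])
    return {"count": sum(regions.values()), "regions": regions,
            "max_span": max(spans, default=timedelta(0)),
            # Point after which a reader of the bucket can expect the newest event.
            "visible_by": latest + DELIVERY_DELAY if latest else None}


def regions_without_events(summary, expected_regions):
    """Expected regions that contributed no events to these files."""
    return sorted(set(expected_regions) - set(summary["regions"]))
```

A region that shows up in `regions_without_events` may simply have had no activity in that window; it becomes a finding only when activity was expected there or the trail was meant to cover all regions.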
The log files are stored encrypted in S3, and can be encrypted in a more extensible fashion by using AWS ...