Skip to main content
Sumo Logic

Configure the AWS CloudTrail App in Multiple Environments

If you have more than one environment that generates CloudTrail data (such as ops, dev, and so on) you’ll need to configure a separate S3 Source for each environment.

This way, you’ll have the three App Dashboards for each environment.

To avoid confusion, and in order to identify which environment is generating data, you should name each S3 Source with the environment's name. For example, you might name Sources as:

  • CloudTrail-prod
  • CloudTrail-dev
  • CloudTrail-test
  • and so on

Finally, make copies of each Panel in the CloudTrail Dashboards, and modify the search logic in each Panel so that you select the appropriate source for each environment.

For example, for a production environment, you will add the string: _source=CloudTrail-production to the beginning of each search. Edit the names of the Panels as needed. This means if you have three environments then you will have three copies of the application for each of them (nine dashboards in total).