The systematic recording and examination of activity across cloud infrastructure to ensure compliance, detect anomalies, and maintain accountability. Like a security camera system for your cloud — everything is logged so you can review who did what, and when. AWS CloudTrail, Azure Monitor Activity Log, GCP Audit Logs, and OCI Audit all provide native auditing.
A financial services company uses AWS CloudTrail to record every API call across their AWS environment. When a misconfigured S3 bucket is discovered, the audit log shows exactly which IAM user made the change, from which IP address, and at what time.
These native cloud services record management and service activity for accountability, security investigations, and compliance. AWS CloudTrail focuses on API activity and account events, Azure Monitor Activity Log records subscription-level control plane events, Google Cloud Audit Logs captures admin, data access, and system events, and OCI Audit records API calls for supported Oracle Cloud resources.