Workflow
Sign in

Generation

generate functionMon, 14 Nov 2022

EC2/VPC cloudtrail. T1040 Network Sniffing - GAP - TA0006:Credential Access, TA0007:Discovery ec2,CreateTrafficMirrorFilter ec2,CreateTrafficMirrorFilterRule ec2,CreateTrafficMirrorSession ec2,CreateTrafficMirrorTarget ec2,DeleteTrafficMirrorFilter ec2,DeleteTrafficMirrorFilterRule ec2,DeleteTrafficMirrorSession ec2,DeleteTrafficMirrorTarget ec2,DescribeTrafficMirrorFilters ec2,DescribeTrafficMirrorSessions ec2,DescribeTrafficMirrorTargets ec2,ModifyTrafficMirrorFilterNetworkServices ec2,ModifyTrafficMirrorFilterRule ec2,ModifyTrafficMirrorSession

def check_cloudtrail(cloudtrail_client, ec2_client, vpc_client):
  cloudtrail_list = cloudtrail_client.describe_trails().get('trailList')
  ec2_list = ec2_client.describe_instances().get('Reservations')
  ec2_instance_list = []
  cloudtrail_status = ''
  for ec2_instance in ec2_list:
    ec2_instance_list.append(ec2_instance.get('Instances')[0].get('InstanceId'))
  for cloudtrail in cloudtrail_list:
    if cloudtrail.get('IncludeGlobalServiceEvents') == 'false' or cloudtrail.get('IsMultiRegionTrail') == 'false' or cloudtrail.get('IsOrganizationTrail') == 'true':
      cloudtrail_status = 'fail'
    cloudtrail_response = cloudtrail_client.get_trail_status(Name=cloudtrail.get('TrailARN'))
Python
Generate More

Feature Preview

Generate 

More than just a code generator. A tool that helps you with a wide range of tasks. All in one place.

Want to kickstart your project?Use the new AI Studio to create your code

Get chatting now