Learn about Events

Article Tags
On This Page
Stax-Generated EventsAWS-Generated EventsCost & Compliance NotificationsSee also

Events provides a collection of real-time data that can be used to observe, monitor, and build event-driven applications based on actions that have occurred within your Stax tenancy and the AWS accounts it manages.

Events are delivered via different channels depending on the source of the activity:

Consider the following when determining how to best consume events:

Stax-Generated EventsAWS-Generated EventsCost & Compliance Notifications
OverviewEvents that reflect activity which occur within your Stax tenancy, such as logging in to the console, creating accounts, or creating an API tokenEvents generated by AWS, such as launching an EC2 instance or creating a VPCCost alerts, or non-compliant resource alerts based on your configured views and segments
DestinationEventBridge in your logging accountEventBridge in your security accountNotifications
LocationPer RegionPer RegionGlobal
TechnologyAmazon EventBridgeAmazon EventBridgeNotifications
Event TypesReview the events schema for a list of Stax-generated eventsA comprehensive list of AWS-generated events can be found in the Amazon EventBridge User GuideAlerts generated by the Stax Cost & Compliance module can be found here

Stax-Generated Events

Stax provides a stream of real-time events that are generated by your Stax tenancy and Stax-managed AWS accounts. These events allow you to automate actions from activities occurring within your Stax tenancy. The events are generated as users and systems interact with Stax. They include actions, such as, authentication, AWS account creation, and API token creation.

Stax-generated events are collected and centralized for enrichment. Within your Stax-managed AWS accounts, events from every region are captured.

Enriched events contain more meaningful and consumable data. This can be beneficial for security, auditing, and automation purposes.

One example of enrichment is evident when an event contains a resource ID, for example, UserID. This field is typically a UUID that is challenging to associate back to a user or system. The enrichment process will enhance the event payload by including additional human-friendly attributes associated with that resource ID, for example, the user's Name.

Events Schema

Review the format of Stax Events:

AWS-Generated Events

As part of the Account Assurance process, Stax configures the default EventBridge Event Bus for every region to publish AWS Service Events to the respective event bus for that region in the security account. Centralizing all AWS Service Events within the security account ensures you can easily integrate third-party monitoring tools. It removes the requirement to orchestrate the required configuration in each individual Stax-managed AWS account.

AWS Service Events are delivered to your security account. When consuming these events, consider the volume of events and apply filtering where appropriate.

Cost & Compliance Notifications

In addition to the default email-based notifications, Stax can publish targeted budget or non-compliant resource alerts using Notifications.

See also