PutInsightSelectors (smaws-clients.Smaws_Client_CloudTrail.PutInsightSelectors)

val request : 
  Smaws_Lib.Context.t ->
  put_insight_selectors_request ->
  (put_insight_selectors_response,
    [> Smaws_Lib.Protocols.AwsJson.error
    | `CloudTrailARNInvalidException of cloud_trail_arn_invalid_exception
    | `InsufficientEncryptionPolicyException of
      insufficient_encryption_policy_exception
    | `InsufficientS3BucketPolicyException of
      insufficient_s3_bucket_policy_exception
    | `InvalidHomeRegionException of invalid_home_region_exception
    | `InvalidInsightSelectorsException of invalid_insight_selectors_exception
    | `InvalidParameterCombinationException of
      invalid_parameter_combination_exception
    | `InvalidParameterException of invalid_parameter_exception
    | `InvalidTrailNameException of invalid_trail_name_exception
    | `KmsException of kms_exception
    | `NoManagementAccountSLRExistsException of
      no_management_account_slr_exists_exception
    | `NotOrganizationMasterAccountException of
      not_organization_master_account_exception
    | `OperationNotPermittedException of operation_not_permitted_exception
    | `S3BucketDoesNotExistException of s3_bucket_does_not_exist_exception
    | `ThrottlingException of throttling_exception
    | `TrailNotFoundException of trail_not_found_exception
    | `UnsupportedOperationException of unsupported_operation_exception ])
    Stdlib.result

Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing trail or event data store. You also use PutInsightSelectors to turn off Insights event logging, by passing an empty list of Insights types. The valid Insights event types are ApiErrorRateInsight and ApiCallRateInsight.

To enable Insights on an event data store, you must specify the ARNs (or ID suffix of the ARNs) for the source event data store (EventDataStore) and the destination event data store (InsightsDestination). The source event data store logs management events and enables Insights. The destination event data store logs Insights events based upon the management event activity of the source event data store. The source and destination event data stores must belong to the same Amazon Web Services account.

To log Insights events for a trail, you must specify the name (TrailName) of the CloudTrail trail for which you want to change or add Insights selectors.

To log CloudTrail Insights events on API call volume, the trail or event data store must log write management events. To log CloudTrail Insights events on API error rate, the trail or event data store must log read or write management events. You can call GetEventSelectors on a trail to check whether the trail logs management events. You can call GetEventDataStore on an event data store to check whether the event data store logs management events.

For more information, see Logging CloudTrail Insights events in the CloudTrail User Guide.