Posted On: Mar 31, 2020

AWS Storage Gateway now enables logging of end-user operations on files and folders for SMB file shares when using File Gateway. Logging allows you to comply with internal security policies, meet external compliance requirements, troubleshoot access errors, and analyze usage trends of your data. 

File Gateway provides on-premises applications with file-based, cached access to virtually unlimited cloud storage using SMB and NFS protocols. With this launch, SMB client operations for files and folders are logged to provide IT administrators and compliance managers with the information they need about user access to files and folders. Key operations logged for files and folders include create, delete, read, write, rename, and change of permissions. The logs are published to Amazon CloudWatch Logs where they can be reviewed and written to an Amazon S3 bucket of your choice and exported for use by third-party security information and event management (SIEM) applications. 

Starting today, when you activate a gateway, you can enable File Gateway audit logs in the AWS China (Beijing) Region, operated by Sinnet and AWS China (Ningxia) Region, operated by NWCD. For existing gateways, this new capability will be available through a software update on or before May 30, 2020. Step-by-step instructions are located in the AWS Storage Gateway User Guide. Charges for CloudWatch Logs apply when you use File Gateway audit logs. For more information, visit the AWS Storage Gateway Pricing Page