Skip to main content
Panther Knowledge Base

Is there any way to reduce AWS Cloudtrail latency in Panther?

  1. Last updated
  2. Save as PDF

QUESTION

Is there any way to reduce AWS CloudTrail latency?  Between the event time and alert time, there is a latency of about ~15 mins.  Can this be improved?

ANSWER

Currently, there are no implemented solutions to mitigate CloudTrail latency. The standard timeframe for CloudTrail to deliver an event after an API call is roughly 5 minutes. Similarly, if you have CloudTrail configured to send log files to your S3 bucket, this process occurs approximately every 5 minutes.

If you're observing a slight delay between parsing the event and creating an alert, rest assured that it falls within reasonable limits.