To set up our unauthorized activity alerting system, we'll create a Python program that will first verify the logs to find out if there are any unauthorized machines are created. If any unauthorized machine identified, the program will proceed to terminate them:
- In the Creating alerts on specific events recipe in Chapter 6, Management Tools, you'll find how to filter logs and focus on the events which interest us. Similarly, for our security situation, we are interested in instances created and their instance type. The following is an example of a log filter:
- Next, we'll have to convert this log filter into an API request. ...