Andy
I just wanted to be clear on the last point on the slide which reads:
Validate that logs have not been deleted using log file validation
The point here, as I understand it, is that given the log file bundle delivered from CloudTrail is checksummed/hashed in its entirety, deleting a log file from the bundle will invalidate that checksum value, correct?
Ah, never mind, you talk about the digest file delivered with the log files in a subsequent slide … 🙂