Return to the CloudFormation console
[OPTIONAL] If you deployed the optional stack, click the check box next to it.
[OPTIONAL] From the Actions menu, select Delete stack.
[OPTIONAL] This will clean up the bucket and all of the objects in it. You can return to Kibana to see the DeleteObject events.
Click the check box next to your stack.
From the Actions menu, select Delete Stack.
[Depending on how long you’ve run the stack, the DeleteRawBucketObjects Lambda invocation might fail. If that happens, wait for the stack status to become DELETE_FAILED. Then delete the stack again.]
Congratulations! You now know how to:
Send CloudTrail logs to CloudWatch Logs
Create a subscription filter to send logs from a CloudWatch Logs log group to Amazon ES
Build Kibana visualizations and dashboards to monitor your AWS usage
For more information about Elasticsearch, see https://aws.amazon.com/elasticsearch-service/
For more information about Cloudtrail, see https://aws.amazon.com/cloudtrail/
For more information about Cloudwatch, see https://aws.amazon.com/cloudwatch/