AWS CloudTrail vs Gravwell: What are the differences?

AWS CloudTrail: Record AWS API calls for your account and have log files delivered to you. With CloudTrail, you can get a history of AWS API calls for your account, including API calls made via the AWS Management Console, AWS SDKs, command line tools, and higher-level AWS services (such as AWS CloudFormation). The AWS API call history produced by CloudTrail enables security analysis, resource change tracking, and compliance auditing. The recorded information includes the identity of the API caller, the time of the API call, the source IP address of the API caller, the request parameters, and the response elements returned by the AWS service; Gravwell: Ingest everything, compromise nothing. Data analytics at scale with predictive pricing. It is the most flexible full-stack analytics platform in the world. We excel at fusing disparate data sources such as firewall logs, end point event logs, network traffic, OT IDS logs, OT process data, threat feed data, etc. to create a central source of knowledge. Created in the IoT age we know modern data insights demand unlimited ingest and analysis capability for cybersecurity, IoT, business analytics, and more. We support a wide range of customers, from energy production, energy delivery, government, finance, and insurance to health and beauty products.

AWS CloudTrail and Gravwell can be primarily classified as "Log Management" tools.

Some of the features offered by AWS CloudTrail are:

• Increased Visibility- CloudTrail provides increased visibility into your user activity by recording AWS API calls. You can answer questions such as, what actions did a given user take over a given time period? For a given resource, which user has taken actions on it over a given time period? What is the source IP address of a given activity? Which activities failed due to inadequate permissions?
• Durable and Inexpensive Log File Storage- CloudTrail uses Amazon S3 for log file storage and delivery, so log files are stored durably and inexpensively. You can use Amazon S3 lifecycle configuration rules to further reduce storage costs. For example, you can define rules to automatically delete old log files or archive them to Amazon Glacier for additional savings.
• Easy Administration- CloudTrail is a fully managed service

On the other hand, Gravwell provides the following key features:

• Ability for deployment in cloud, on-premises, or in an isolated on-premises network lacking outside network connectivity
• Capable of collecting disparate unstructured time-series data sources into a queryable data lake
• Enable data scientists to create custom analysis code/tools to be executed as part of a search pipeline or query system