Amazon Detective is an automated data enrichment tool that extracts time-based events from other services such as AWS CloudTrail, Amazon VPC flow logs, and GuardDuty.
These events include: login attempts, API calls, and network traffic and can be very useful in understanding security issues or operational account activity. Amazon Detective uses machine learning, statistical analysis, and graph theory to help you visualize and conduct faster and more efficient security investigations.
