Author: Daniel Berman
Word count: 1609
Language: English
Hacker News points: None

Summary

Centralized logging has become vital for implementing security in cloud environments, particularly for organizations using AWS services, because it enables the comprehensive log management and analysis on which a security strategy depends. AWS provides a variety of services that generate log data, and these logs can be aggregated to give a centralized security overview, but setting up such a system requires understanding how to access, extract, store, and secure the data. The ELK Stack (Elasticsearch, Logstash, and Kibana) is widely used on AWS to manage and visualize log data and can serve as the foundation of a Security Information and Event Management (SIEM) system by aggregating, processing, and analyzing logs from AWS sources such as VPC Flow Logs, CloudTrail Logs, and ELB Access Logs. However, ELK lacks built-in alerting and retention capabilities, so additional tools or services are needed to cover those functions, and the sheer volume of log data calls for more sophisticated analysis tooling to surface security insights. Recent security incidents, such as the leak of sensitive information from AWS S3, underscore the importance of robust security policies and a centralized logging strategy for detecting misconfigurations and maintaining cloud security.