At MyTutor, we aimed to ensure that the application database was accessed only by authorised user accounts for legitimate reasons. This project involved analysing AWS CloudWatch logs for the AWS RDS instances to extract relevant information. A list of users and their executed queries was compiled, excluding certain allowed users. The accounts that did not meet the criteria were then posted to a Slack channel for review.