💼 [Neptune.2] Neptune DB clusters should publish audit logs to CloudWatch Logs

• ID: /frameworks/aws-fsbp-v1.0.0/neptune/02

Description

Amazon Neptune and Amazon CloudWatch are integrated so that you can gather and analyze performance metrics. Neptune automatically sends metrics to CloudWatch and also supports CloudWatch Alarms. Audit logs are highly customizable. When you audit a database, each operation on the data can be monitored and logged to an audit trail, including information about which database cluster is accessed and how.

Similar

• AWS Security Hub
  • https://docs.aws.amazon.com/securityhub/latest/userguide/neptune-controls.html#neptune-2
• Internal
  • ID: dec-c-512b8ccf

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(4) Account Management _ Automated Audit Actions		15	23		no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-4(26) Information Flow Enforcement _ Audit Filtering Actions			18		no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-6(9) Least Privilege _ Log Use of Privileged Functions		17	25		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-2 Event Logging	4		27		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-3 Content of Audit Records	3	15	39		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(1) Audit Record Review, Analysis, and Reporting _ Automated Process Integration		2	6		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(3) Audit Record Review, Analysis, and Reporting _ Correlate Audit Record Repositories			17		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(4) Audit Record Review, Analysis, and Reporting _ Central Review and Analysis			17		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(5) Audit Record Review, Analysis, and Reporting _ Integrated Analysis of Audit Records			4		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-7(1) Audit Record Reduction and Report Generation _ Automatic Processing		2	4		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-9(7) Protection of Audit Information _ Store on Component with Different Operating System			2		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-10 Non-repudiation	5		16		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-12 Audit Record Generation	4	48	74		no data
💼 NIST SP 800-53 Revision 5 → 💼 CA-7 Continuous Monitoring	6		28		no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(9) Boundary Protection _ Restrict Threatening Outgoing Communications Traffic			35		no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-3(8) Malicious Code Protection _ Detect Unauthorized Commands			13		no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-4(5) System Monitoring _ System-generated Alerts			4		no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-4(20) System Monitoring _ Privileged Users			12		no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-7(8) Software, Firmware, and Information Integrity _ Auditing Capability for Significant Events			17		no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-20 Tainting			4		no data
💼 PCI DSS v4.0.1 → 💼 10.3.3 Audit log files, including those for external-facing technologies, are promptly backed up to a secure, central, internal log server(s) or other media that is difficult to modify.			3		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ AWS RDS Cluster required log exports to CloudWatch Logs are not enabled🟢	1	🟢 x6	no data