Skip to main content

💼 [Opensearch.4] OpenSearch domain error logging to CloudWatch Logs should be enabled

  • ID: /frameworks/aws-fsbp-v1.0.0/opensearch/04

Description

You should enable error logs for OpenSearch domains and send those logs to CloudWatch Logs for retention and response. Domain error logs can assist with security and access audits, and can help to diagnose availability issues.

Similar

Similar Sections (Give Policies To)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(4) Account Management _ Automated Audit Actions1422no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-4(26) Information Flow Enforcement _ Audit Filtering Actions18no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-6(9) Least Privilege _ Log Use of Privileged Functions1725no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-2 Event Logging427no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-3 Content of Audit Records31338no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(3) Audit Record Review, Analysis, and Reporting _ Correlate Audit Record Repositories17no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(4) Audit Record Review, Analysis, and Reporting _ Central Review and Analysis17no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-10 Non-repudiation516no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-12 Audit Record Generation44774no data
💼 NIST SP 800-53 Revision 5 → 💼 CA-7 Continuous Monitoring628no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(9) Boundary Protection _ Restrict Threatening Outgoing Communications Traffic35no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-3(8) Malicious Code Protection _ Detect Unauthorized Commands13no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-4(20) System Monitoring _ Privileged Users12no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-7(8) Software, Firmware, and Information Integrity _ Auditing Capability for Significant Events17no data

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlagsCompliance

Policies (1)

PolicyLogic CountFlagsCompliance
🛡️ AWS OpenSearch Domain error logging is not enabled🟢1🟢 x6no data