💼 [RDS.34] Aurora MySQL DB clusters should publish audit logs to CloudWatch Logs

ID: /frameworks/aws-fsbp-v1.0.0/rds/34

Description

Audit logs capture a record of database activity, including login attempts, data modifications, schema changes, and other events that can be audited for security and compliance purposes. When you configure an Aurora MySQL DB cluster to publish audit logs to a log group in Amazon CloudWatch Logs, you can perform real-time analysis of the log data. CloudWatch Logs retains logs in highly durable storage. You can also create alarms and view metrics in CloudWatch.

Similar

AWS Security Hub
- https://docs.aws.amazon.com/securityhub/latest/userguide/rds-controls.html#rds-34
Internal
- ID: dec-c-e22fa825

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Compliance
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(4) Account Management _ Automated Audit Actions		14	18	no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-4(26) Information Flow Enforcement _ Audit Filtering Actions			14	no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-6(9) Least Privilege _ Log Use of Privileged Functions		17	21	no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-2 Event Logging	4		23	no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-3 Content of Audit Records	3	13	34	no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(3) Audit Record Review, Analysis, and Reporting _ Correlate Audit Record Repositories			13	no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(4) Audit Record Review, Analysis, and Reporting _ Central Review and Analysis			13	no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-10 Non-repudiation	5		12	no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-12 Audit Record Generation	4	47	70	no data
💼 NIST SP 800-53 Revision 5 → 💼 CA-7 Continuous Monitoring	6		22	no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(9) Boundary Protection _ Restrict Threatening Outgoing Communications Traffic			29	no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-3(8) Malicious Code Protection _ Detect Unauthorized Commands			9	no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-4(20) System Monitoring _ Privileged Users			8	no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-7(8) Software, Firmware, and Information Integrity _ Auditing Capability for Significant Events			13	no data
💼 PCI DSS v4.0.1 → 💼 10.2.1 Audit logs are enabled and active for all system components and cardholder data.	7		29	no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Description

Similar

Similar Sections (Give Policies To)

Sub Sections