💼 4.1 Ensure unauthorized API calls are monitored - Level 2 (Manual)

Contextual name: 💼 4.1 Ensure unauthorized API calls are monitored - Level 2 (Manual)
ID: /frameworks/cis-aws-v2.0.0/04/01
Located in: 💼 4 Monitoring

Description

Real-time monitoring of API calls can be achieved by directing CloudTrail Logs to CloudWatch Logs, or an external Security information and event management (SIEM) environment, and establishing corresponding metric filters and alarms.

It is recommended that a metric filter and alarm be established for unauthorized API calls.

Similar

Sections
- /frameworks/cis-aws-v3.0.0/04/01
- /frameworks/cis-aws-v1.5.0/04/01
Internal
- ID: dec-c-67bdb695

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS AWS v1.5.0 → 💼 4.1 Ensure a log metric filter and alarm exist for unauthorized API calls - Level 1 (Automated)			1
💼 CIS AWS v3.0.0 → 💼 4.1 Ensure unauthorized API calls are monitored - Level 2 (Manual)			1

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS AWS v1.5.0 → 💼 4.1 Ensure a log metric filter and alarm exist for unauthorized API calls - Level 1 (Automated)			1
💼 CIS AWS v3.0.0 → 💼 4.1 Ensure unauthorized API calls are monitored - Level 2 (Manual)			1

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (1)

Policy	Logic Count	Flags
📝 AWS CloudTrail Unauthorized API Calls Monitoring is not enabled 🟢		🟢 x3

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​