AWS Config Rule: Elasticsearch Logs to CloudWatch
ELASTICSEARCH_LOGS_TO_CLOUDWATCH
Ryan Ware
Last Update 9 เดือนที่แล้ว
Description: Checks if Elasticsearch domains are configured to send logs to Amazon CloudWatch Logs. The rule is COMPLIANT if a log is enabled for an Elasticsearch domain. This rule is NON_COMPLIANT if logging is not configured.
Trigger type: Configuration changes
AWS Region: All supported AWS regions except Asia Pacific (Hyderabad), Asia Pacific (Melbourne), Europe (Spain), Europe (Zurich) Region
Note: The rule does not evaluate Amazon OpenSearch Service domains.
How to Resolve Manually
This config rule checks if an ElasticSearch Domain is configured to send logs to CloudWatch service. If logging is not configured for an Elasticearch domain, the rule will be marked as non-compliant.
In order to resolve this, you will need to first head on over to the Amazon ElasticSearch Service within your AWS Console. Ensure to select the correct region from where your ElasticSearch domain is located.
Once there, choose the domain you want to configure logging for and and enable the desired CloudWatch logs from the Logs tab. By clicking the Log Type and then clicking on Enable, we can create a new Log Group and Policy required to setup logging. Check the following picture for further reference:
Note that this rule will become compliant if any of the available log types is enabled.
Want to know more about StackZone and how to make your cloud management simple and secure?
Check our how it works section with easy to follow videos or just create your own StackZone Account here
