OpenSearch domains should have Audit Logging enabled

opensearch
Esta página aún no está disponible en español. Estamos trabajando en su traducción.
Si tienes alguna pregunta o comentario sobre nuestro actual proyecto de traducción, no dudes en ponerte en contacto con nosotros.

Description

This check determines if audit logging is enabled for Amazon OpenSearch Service domains, and is configured to send logs to Amazon CloudWatch Logs. Audit logs are crucial for recording detailed information about access and changes to OpenSearch resources, enabling you to track user activities, detect suspicious behavior, and ensure compliance with security policies and regulatory requirements.

Remediation

To enable audit logging for an Amazon OpenSearch Service domain, refer to the Configuring Amazon OpenSearch Service to Enable Audit Logging section of the Amazon OpenSearch Service Developer Guide.