API

Elasticsearch domains should have error logging to CloudWatch Logs enabled

Docs > Datadog Security > OOTB Rules > Elasticsearch domains should have error logging to CloudWatch Logs enabled

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Description

This control confirms whether Elasticsearch domains are configured to forward error logs to CloudWatch Logs.

It’s recommended to enable error logging for Elasticsearch domains and forward these logs to CloudWatch Logs for retention and analysis. Error logs from the domain can play a key role in security and access audits and can help in diagnosing availability issues.

Remediation

For details on how to activate log publishing, refer to the Enabling log publishing (console) section in the Amazon OpenSearch Service Developer Guide.