Neptune DB clusters should publish audit logs to CloudWatch Logs

문서 > Datadog 보안 > OOTB Rules > Neptune DB clusters should publish audit logs to CloudWatch Logs

이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

This control verifies if a Neptune DB cluster is configured to publish audit logs to Amazon CloudWatch Logs. The parameter EnableCloudWatchLogsExport must be configured to include Audit.

Amazon Neptune integrates with Amazon CloudWatch to enable monitoring and analysis of performance metrics. By default, Neptune sends these metrics to CloudWatch and supports the configuration of CloudWatch Alarms. Audit logs can be customized extensively, allowing you to track every operation performed on the database, including details on the cluster accessed and the nature of the interaction. Exporting these logs to CloudWatch is recommended to enhance the monitoring and visibility of your Neptune DB clusters.

Remediation

For guidance on configuring Neptune audit logging, please refer to the Publishing Neptune logs to Amazon CloudWatch Logs section of the Neptune User Guide.