VIEW RULE IN DATADOG VIEW MISCONFIGURATIONS

Description

An events rule and notification topic should be configured for important changes in your Oracle Cloud Infrastructure environments. This security control provides real-time visibility into critical network infrastructure modifications, enabling rapid detection and response to unauthorized changes that could compromise security. The events rule and notification topic must be created in the root compartment (tenancy) to ensure comprehensive monitoring across all compartments and prevent missed events.

Remediation

1. Create a notification topic in the root compartment (tenancy).
2. Create an events rule in the root compartment (tenancy) that monitors the following event types:
   • com.oraclecloud.virtualnetwork.changeroutetablecompartment
   • com.oraclecloud.virtualnetwork.createroutetable
   • com.oraclecloud.virtualnetwork.deleteroutetable
   • com.oraclecloud.virtualnetwork.updateroutetable
3. Configure the events rule to send notifications to the notification topic.
4. Ensure both the events rule, events rule actions, and notification topic are enabled and in ACTIVE state.

For detailed instructions, refer to the Getting Started with Events, Matching Events with Filters, and Managing Topics sections of the Oracle Cloud Infrastructure documentation.