Neptune DB clusters should publish audit logs to CloudWatch Logs

Description

This control checks whether a Neptune DB cluster is configured to publish audit logs to Amazon CloudWatch Logs. The control fails if the parameter EnableCloudWatchLogsExport does not include Audit.

Amazon Neptune integrates with Amazon CloudWatch to enable monitoring and analysis of performance metrics. By default, Neptune sends these metrics to CloudWatch and supports the configuration of CloudWatch Alarms. Audit logs can be customized extensively, allowing you to track every operation performed on the database, including details on the cluster accessed and the nature of the interaction. Exporting these logs to CloudWatch is recommended to enhance the monitoring and visibility of your Neptune DB clusters.

Remediation

For guidance on configuring Neptune audit logging, please refer to the Publishing Neptune logs to Amazon CloudWatch Logs section of the Neptune User Guide.
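As an added example (not part of the control text or the Neptune User Guide), the following offline check evaluates clusters in the shape of the Neptune `describe_db_clusters` response, reports the ones that fail this control, and prints the AWS CLI remediation command for each; the sample cluster data is constructed, and the `Engine` filter and the `neptune_enable_audit_log` caveat reflect general Neptune behaviour rather than anything stated on this page.

```python
"""Offline compliance check for Neptune audit log export to CloudWatch Logs."""
from typing import Iterable

AUDIT_LOG_TYPE = "audit"


def audit_export_enabled(cluster: dict) -> bool:
    """True if the cluster's enabled CloudWatch log exports include the audit log."""
    exports = cluster.get("EnabledCloudwatchLogsExports") or []
    return any(log_type.lower() == AUDIT_LOG_TYPE for log_type in exports)


def noncompliant_clusters(clusters: Iterable[dict]) -> list[str]:
    """Identifiers of Neptune clusters that fail the control.

    describe_db_clusters shares its endpoint with RDS, so clusters of other
    engines are skipped (the Engine field is assumed to be "neptune" when absent).
    """
    return [
        c["DBClusterIdentifier"]
        for c in clusters
        if c.get("Engine", "neptune") == "neptune" and not audit_export_enabled(c)
    ]


def remediation_command(cluster_id: str) -> str:
    """AWS CLI command that turns on audit log export for one cluster.

    Caveat: export only ships the log; the cluster parameter group must also
    set neptune_enable_audit_log=1 or Neptune produces no audit records.
    """
    return (
        "aws neptune modify-db-cluster "
        f"--db-cluster-identifier {cluster_id} "
        "--cloudwatch-logs-export-configuration '{\"EnableLogTypes\":[\"audit\"]}'"
    )


# Constructed sample in the shape of describe_db_clusters()["DBClusters"].
SAMPLE_CLUSTERS = [
    {"DBClusterIdentifier": "graph-prod", "Engine": "neptune",
     "EnabledCloudwatchLogsExports": ["audit"]},
    {"DBClusterIdentifier": "graph-dev", "Engine": "neptune",
     "EnabledCloudwatchLogsExports": []},
    {"DBClusterIdentifier": "graph-legacy", "Engine": "neptune"},  # key absent
    {"DBClusterIdentifier": "orders-db", "Engine": "aurora-postgresql"},  # not Neptune
]

if __name__ == "__main__":
    # Live use: clusters = boto3.client("neptune").describe_db_clusters()["DBClusters"]
    for cid in noncompliant_clusters(SAMPLE_CLUSTERS):
        print(f"FAIL {cid}\n  {remediation_command(cid)}")
```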