---
title: >-
  Tenancies must contain an events rule and notification topic for route table
  changes
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > Tenancies must contain an events rule
  and notification topic for route table changes
---

# Tenancies must contain an events rule and notification topic for route table changes
 
## Description{% #description %}

An events rule and notification topic should be configured for important changes in your Oracle Cloud Infrastructure environments. This security control provides real-time visibility into critical network infrastructure modifications, enabling rapid detection and response to unauthorized changes that could compromise security. The events rule and notification topic must be created in the root compartment (tenancy) to ensure comprehensive monitoring across all compartments and prevent missed events.

## Remediation{% #remediation %}

1. Create a notification topic in the root compartment (tenancy).
1. Create an events rule in the root compartment (tenancy) that monitors the following event types:
   - `com.oraclecloud.virtualnetwork.changeroutetablecompartment`
   - `com.oraclecloud.virtualnetwork.createroutetable`
   - `com.oraclecloud.virtualnetwork.deleteroutetable`
   - `com.oraclecloud.virtualnetwork.updateroutetable`
1. Configure the events rule to send notifications to the notification topic.
1. Ensure both the events rule, events rule actions, and notification topic are enabled and in `ACTIVE` state.

For detailed instructions, refer to the [Getting Started with Events](https://docs.oracle.com/iaas/Content/Events/Concepts/eventsoverview.htm), [Matching Events with Filters](https://docs.oracle.com/iaas/Content/Events/Concepts/filterevents.htm), and [Managing Topics](https://docs.oracle.com/iaas/Content/Notification/Tasks/manage-topic.htm) sections of the Oracle Cloud Infrastructure documentation.