AWS OpenSearch Domain Does Not Have Audit Logging Enabled

Overview

Checks if AWS OpeanSearch has audit logging enabled. Enabling fine-grained access control on your Amazon OpenSearch Service domain allows you to activate audit logs for your data. These logs are fully customizable, enabling you to monitor user activity on your OpenSearch clusters comprehensively. They encompass authentication outcomes, request history, index modifications, and incoming search queries. While a popular set of user actions is tracked by default, we advise adjusting the settings to precisely match your requirements.

Vendor

AWS

Cloud Service

OpenSearch

Opensearch.5

References

https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_LogPublishingOption.html, https://docs.aws.amazon.com/opensearch-service/latest/developerguide/audit-logs.html

Severity

Item Types

AWS::OpenSearch::Domain

Overview​

Vendor​

Cloud Service​

Related Controls​

References​

Severity​

Item Types​