Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

Severity: Low

Description: This policy identifies AWS CloudTrails in which log validation is not enabled in all regions. CloudTrail log file validation creates a digitally signed digest file containing a hash of each log that CloudTrail writes to S3. These digest files can be used to determine whether a log file was modified after CloudTrail delivered the log. It is recommended that file validation be enabled on all CloudTrails.

Remediation Steps:

Perform following to enable cloud-trail log validation:

  1. Login to the AWS Management Console at https://console.aws.amazon.com/cloudtrail/ .

  2. In the console, select the specific region from region drop down on the top right corner, for which the alert is generated.

  3. Click on Trails and each trail reported, click on trail. Edit the General Details and under Additional settings select Enable for Log file validation.

Reference:

  • No labels