AWS-Neptune-DB-audit-logs-for-log-export-enable
Severity: Medium
Description: This control ensures that the Audit log type under Log exports is published to AWS CloudWatch for the Neptune DB cluster. These logs can play a vital role in debugging, troubleshooting, detecting malicious activity, and security audits. The "Log exports" option for a Neptune cluster publishes the audit logs to CloudWatch for further processing and storage. Appropriate log types should be published so that the source can be found in case of a security incident.
Remediation Steps:
Perform the following to configure audit logs for Neptune:
Log in to the AWS Management Console at https://console.aws.amazon.com.
Navigate to the Neptune console.
In the navigation pane, choose Databases.
Select the database cluster to configure, then choose Modify.
Under Log exports, select the Audit log type.
Click Continue.
Under Scheduling of modifications, select Apply Immediately.
Click Modify DB Cluster.
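The same check and change can be scripted. The following is an added example, not part of the original control: it flags Neptune clusters whose CloudWatch log exports do not include audit and builds the boto3 modify_db_cluster request that mirrors the console steps above. The function names, the region argument and the sample cluster records are assumptions made for illustration.

```python
"""Find Neptune clusters that do not export the audit log to CloudWatch."""

AUDIT = "audit"

def clusters_missing_audit_export(clusters):
    """Return IDs of Neptune clusters whose log exports lack 'audit'.
    `clusters` is the DBClusters list returned by describe_db_clusters."""
    missing = []
    for c in clusters:
        if c.get("Engine") != "neptune":
            continue  # the shared API also lists non-Neptune clusters
        if AUDIT not in c.get("EnabledCloudwatchLogsExports", []):
            missing.append(c["DBClusterIdentifier"])
    return missing

def remediation_request(cluster_id):
    """modify_db_cluster arguments equivalent to the console steps."""
    return {
        "DBClusterIdentifier": cluster_id,
        "CloudwatchLogsExportConfiguration": {"EnableLogTypes": [AUDIT]},
        "ApplyImmediately": True,
    }

def scan(region, fix=False):
    """Query one region; with fix=True also enable the audit log export."""
    import boto3  # imported here so the check logic above runs offline
    neptune = boto3.client("neptune", region_name=region)
    clusters, marker = [], None
    while True:  # follow Marker until every page has been read
        resp = neptune.describe_db_clusters(**({"Marker": marker} if marker else {}))
        clusters.extend(resp["DBClusters"])
        marker = resp.get("Marker")
        if not marker:
            break
    missing = clusters_missing_audit_export(clusters)
    if fix:
        for cluster_id in missing:
            neptune.modify_db_cluster(**remediation_request(cluster_id))
    return missing

# Constructed sample records shaped like a describe_db_clusters response.
SAMPLE = [
    {"DBClusterIdentifier": "graph-prod", "Engine": "neptune",
     "EnabledCloudwatchLogsExports": ["audit"]},
    {"DBClusterIdentifier": "graph-dev", "Engine": "neptune"},
    {"DBClusterIdentifier": "orders-db", "Engine": "aurora-mysql",
     "EnabledCloudwatchLogsExports": []},
]

if __name__ == "__main__":
    print(clusters_missing_audit_export(SAMPLE))
```

Exporting only publishes audit records that Neptune generates, so the cluster parameter group must also have neptune_enable_audit_log set to 1.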
Important:
This control does not apply to AWS GovCloud.
Reference:
Blue Hexagon Proprietary