Logging and monitoring

Elasticsearch error logs disabled

Risk Level

Informational (4)

Compliance Frameworks
  • AWS Foundational Security Best Practices Controls


Amazon OpenSearch Service (Amazon Elasticsearch Service successor) is a managed service that simplifies the deployment, operation, and scaling of OpenSearch clusters in AWS Cloud. It was found that the Elasticsearch domain {AwsElasticSearch} doesn't have error logs enabled. Error logs can assist in troubleshooting, repairing, and security issues related to the Elasticsearch domain.
  • Recommend icon

    Recommended Mitigation

    It is recommended to enable error logging at the Elasticsearch domain {AwsElasticSearch}. To enable the audit logging follow the steps at: <a href="https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createdomain-configure-slow-logs.html#createdomain-configure-slow-logs-console" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createdomain-configure-slow-logs.html#createdomain-configure-slow-logs-console</a>