Logging and monitoring

ActionTrail does not export all logs

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

ActionTrail is a web service that monitors and records actions performed on your cloud through cloud console, API calls, and SDK operations. The recorded events are stored at the configured Log Service Logstores and Object Storage Service buckets. The logged activity on the account enables security analysis, resource change tracking, and compliance auditing. It was detected that the cloud account '{CloudAccount}' does not have at least one trail that monitors and records the actions on all regions, or either does not record the actions to both Log Service and OSS.
  • Recommended Mitigation

    It is recommended that at least one trail be configured to monitor the actions on all regions and store the logs on both Log Service Logstore and Object Storage Service bucket. By ensuring the existence of a multi-region trail, any unexpected activities occurring in otherwise unused regions will be detected.