Logging and monitoring

OpenSearch (Elasticsearch) audit logs disabled

Platform(s)
Compliance Frameworks

AWS Foundational Security Best Practices Controls, Brazilian General Data Protection (LGPD), CCM-CSA, CCPA, cis_8, CPRA, Data Security Posture Management (DSPM) Best Practices, GDPR, hdh, HITRUST, iso_27001_2022, iso_27002_2022, MITRE ATT&CK, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, PDPA, UK Cyber Essentials

Description

Amazon OpenSearch Service (the successor to Amazon Elasticsearch Service) is a managed service that simplifies the deployment, operation, and scaling of OpenSearch clusters in the AWS Cloud. It was found that the OpenSearch (Elasticsearch) domain {AwsElasticSearch} does not have audit logs enabled. Audit logs track activity on OpenSearch (Elasticsearch) clusters and allow you to monitor and analyze events on them.
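
One way to evaluate this finding offline, as an added example that is not part of the original rule or the vendor's own check: the function below inspects the DomainStatus object returned by `aws opensearch describe-domain` and reports why audit logs are not being published. The domain names, account ID and log group ARNs are constructed sample values.

```python
import json

# Constructed sample: DomainStatus objects in the shape returned by
# `aws opensearch describe-domain`; names, account id and ARNs are made up.
SAMPLE_DOMAINS = json.loads("""
[
  {"DomainName": "logs-prod",
   "AdvancedSecurityOptions": {"Enabled": true},
   "LogPublishingOptions": {"AUDIT_LOGS": {"Enabled": true,
     "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:111122223333:log-group:/aws/opensearch/logs-prod/audit"}}},
  {"DomainName": "search-dev",
   "AdvancedSecurityOptions": {"Enabled": true},
   "LogPublishingOptions": {"ES_APPLICATION_LOGS": {"Enabled": true,
     "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:111122223333:log-group:/aws/opensearch/search-dev/app"}}},
  {"DomainName": "legacy-es",
   "AdvancedSecurityOptions": {"Enabled": false}}
]
""")


def audit_log_finding(domain):
    """Return None when audit logs are published, else the reason they are not."""
    audit = (domain.get("LogPublishingOptions") or {}).get("AUDIT_LOGS") or {}
    if audit.get("Enabled") and audit.get("CloudWatchLogsLogGroupArn"):
        return None
    fgac = (domain.get("AdvancedSecurityOptions") or {}).get("Enabled", False)
    if not fgac:
        # Audit logs depend on fine-grained access control being enabled.
        return "audit logs disabled; fine-grained access control is off"
    if audit.get("Enabled"):
        return "audit logs enabled without a CloudWatch log group"
    return "audit logs disabled"


def scan(domains):
    """Map each non-compliant domain name to its finding."""
    findings = {}
    for domain in domains:
        reason = audit_log_finding(domain)
        if reason is not None:
            findings[domain["DomainName"]] = reason
    return findings


if __name__ == "__main__":
    for name, reason in scan(SAMPLE_DOMAINS).items():
        print(f"{name}: {reason}")
```

This covers only the domain-level publishing setting; audit logging must also be turned on in the cluster's own security configuration before events are emitted.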