Logging and monitoring

Log monitoring is not set up for Management Console authentication failures

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Log Service is a real-time data logging service that supports collection, consumption, shipping, search, and analysis of logs. It was detected that log monitoring and alarm are not set up for management console authentication failures. Monitoring failed console logins may help to detect a credential brute force attempt and to provide an indicator, source IP for example, for other such events.

  • Recommended Mitigation

    It is recommended to set up an alarm in the central project, that will alert on management console authentication failures. The suggested query is written in this alert's query. For information about alert configuring: <a href="https://www.alibabacloud.com/help/en/log-service/latest/configure-an-alert-in-log-service" target="_blank" rel="noopener noreferrer">https://www.alibabacloud.com/help/en/log-service/latest/configure-an-alert-in-log-service</a>

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.