Logging and monitoring

Log monitoring is not set up for RAM role changes

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Log Service is a real-time data logging service that supports collection, consumption, shipping, search, and analysis of logs. It was detected that log monitoring and alarm are not set up for RAM role changes. Monitoring role creation, deletion, and updating activities will aid in the early detection of any potentially malicious actions.

  • Recommended Mitigation

    It is recommended to set up an alarm in the central project, that will alert on RAM Role creation, deletion, and updating activities. The suggested query is written in this alert's query. For information about alert configuring: <a href="https://www.alibabacloud.com/help/en/log-service/latest/configure-an-alert-in-log-service" target="_blank" rel="noopener noreferrer">https://www.alibabacloud.com/help/en/log-service/latest/configure-an-alert-in-log-service</a>

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.