Logging and monitoring

Log monitoring is not set up for usage of root account

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Log Service is a real-time data logging service that supports collection, consumption, shipping, search, and analysis of logs. It was detected that log monitoring and alarm are not set up for usage of ""root"" account. The root user is fully privileged, therefore it is recommended to avoid using it when possible. Monitoring root account logins will provide visibility into fully privileged account usage and an opportunity to reduce its use.

  • Recommended Mitigation

    It is recommended to set up an alarm in the central project, that will alert on usage of ""root"" account. The suggested query is written in this alert's query. For information about alert configuring: <a href="https://www.alibabacloud.com/help/en/log-service/latest/configure-an-alert-in-log-service" target="_blank" rel="noopener noreferrer">https://www.alibabacloud.com/help/en/log-service/latest/configure-an-alert-in-log-service</a>

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.