Logging and monitoring

Log monitoring is not set up for VPC network route changes

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Log Service is a real-time data logging service that supports collection, consumption, shipping, search, and analysis of logs. It was detected that log monitoring and alarm are not set up for VPC network route changes. Monitoring route tables changes will help to ensure that all VPC traffic flows through an expected path.

  • Recommended Mitigation

    It is recommended to set up an alarm in the central project, that will alert on VPC network route changes. The suggested query is written in this alert's query. For information about alert configuring: <a href="https://www.alibabacloud.com/help/en/log-service/latest/configure-an-alert-in-log-service" target="_blank" rel="noopener noreferrer">https://www.alibabacloud.com/help/en/log-service/latest/configure-an-alert-in-log-service</a>

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.