Neptune DB clusters should publish audit logs to CloudWatch Logs

neptune
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

This control verifies if a Neptune DB cluster is configured to publish audit logs to Amazon CloudWatch Logs. The parameter EnableCloudWatchLogsExport must be configured to include Audit.

Amazon Neptune integrates with Amazon CloudWatch to enable monitoring and analysis of performance metrics. By default, Neptune sends these metrics to CloudWatch and supports the configuration of CloudWatch Alarms. Audit logs can be customized extensively, allowing you to track every operation performed on the database, including details on the cluster accessed and the nature of the interaction. Exporting these logs to CloudWatch is recommended to enhance the monitoring and visibility of your Neptune DB clusters.

Remediation

For guidance on configuring Neptune audit logging, please refer to the Publishing Neptune logs to Amazon CloudWatch Logs section of the Neptune User Guide.

PREVIEWING: brett.blue/embedded-collector-release