OpenSearch domains should have Audit Logging enabled

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

This check determines if audit logging is enabled for Amazon OpenSearch Service domains, and is configured to send logs to Amazon CloudWatch Logs. Audit logs are crucial for recording detailed information about access and changes to OpenSearch resources, enabling you to track user activities, detect suspicious behavior, and ensure compliance with security policies and regulatory requirements.

Remediation

To enable audit logging for an Amazon OpenSearch Service domain, refer to the Configuring Amazon OpenSearch Service to Enable Audit Logging section of the Amazon OpenSearch Service Developer Guide.

PREVIEWING: rtrieu/product-analytics-ui-changes