AWS CloudTrail Sending To CloudWatch Logs

This policy validates that all CloudTrails have output being sent CloudWatch for real time analysis.

Real time log analysis is an important part of a mature security posture, and integrating with CloudWatch Logs is one way to accomplish this with AWS.

Remediation

To remediate this, configure each AWS CloudTrail trail identified in the report to send its logs to CloudWatch logs.

References

CIS AWS Benchmark 2.4 "Ensure CloudTrail trails are integrated with CloudWatch Logs"
Sending Events to CloudWatch Logs

PreviousAWS CloudTrail Is Enabled In All Regions NextAWS KMS CMK Key Rotation Is Enabled

Last updated 3 years ago