AWS CloudTrail Sending To CloudWatch Logs
This policy validates that all CloudTrails have output being sent CloudWatch for real time analysis.
Real time log analysis is an important part of a mature security posture, and integrating with CloudWatch Logs is one way to accomplish this with AWS.
Remediation
To remediate this, configure each AWS CloudTrail trail identified in the report to send its logs to CloudWatch logs.
References
CIS AWS Benchmark 2.4 "Ensure CloudTrail trails are integrated with CloudWatch Logs"
Last updated