08 - Cloudtrail Log Validation

Ensure CloudTrail is Log Validation is Enabled

AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. Since this holds all audit logs, it is important to have log validation in place to ensure that the log has not been tampered with. This is why CloudTrail log validation is a security best practice. Having a full inventory of your CloudTrails with current logging status across all of your accounts can help with CIS, NIST, HIPPA, GDPR & PCI-DSS compliance.

Audit & Remediation

Login into your AWS account
Navigate to the CloudTrail service at: https://https://console.aws.amazon.com/cloudtrail
In the Left hand panel select Trails.

Validate if you see Log file validation is enabled.
Select your CloudTrail. Validate if you see Log file validation is enabled.

Select the Edit button
Under General details --> Additional settings select Enabled under the Log file validation.

Continue this process for all of your AWS accounts to ensure you are compliant.

See all certificates in a single place!

Do you want to see all of your ACM certificates in once place for all regions and all accounts?
Login to our online demo to see exactly what this looks like.
demo.intelligentdiscovery.io

Other Key Features

Inventory

Consolidate your inventory management with consistent and frequent security logs, inventories, and change logs. Dashboard reporting for extensive analytical value.

learn more +

Cost & Usage

Access consolidated capacity, cost, and volume tools in a scaling environment without impacting production or breaking the bank.