AWS_Cloudtrail_7

Ensure CloudTrail log Delivery is not Failing

Description

Log files generated by AWS CloudTrail should be delivered to their intended recipients without failures, so that CloudTrail logging data is retained for security and compliance audits.

Remediation

1. Sign in to the AWS Management Console.

2. Navigate to the CloudTrail dashboard.

3. In the navigation panel, select Trails.

4. Choose the CloudTrail trail that you want to reconfigure (see Audit section part I to identify the right resource) then click on its identifier to access the configuration page.

5. On the selected trail configuration page, click the Edit icon available next to the Storage location section to create a new S3 bucket and associate the trail with this bucket.

6. Select Yes next to Create a new S3 bucket and enter a unique name for the new bucket in the S3 bucket box. (Optional) You can also specify a prefix for the log files in the Log file prefix box.

7. Click Save to apply the changes. Once the bucket is created and configured, AWS CloudTrail will begin to deliver log files to this new S3 bucket and the Last log file delivered attribute value set for the selected trail will be updated.
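To confirm that delivery has recovered without opening the console, the trail status can be evaluated programmatically. The following is an added example, not part of the original policy text: it inspects the IsLogging, LatestDeliveryError and LatestDeliveryTime fields of a CloudTrail GetTrailStatus response. The 24-hour staleness threshold, the function names and the sample responses are assumptions made for illustration, as is reading LatestDeliveryTime as the value behind the Last log file delivered attribute.

```python
from datetime import datetime, timedelta, timezone

# Assumption: a trail with no delivery for this long is treated as failing.
MAX_DELIVERY_AGE = timedelta(hours=24)

def delivery_findings(status, now, max_age=MAX_DELIVERY_AGE):
    """Return the delivery problems visible in one GetTrailStatus response."""
    findings = []
    if not status.get("IsLogging", False):
        findings.append("logging is stopped")
    # S3 error CloudTrail reported when delivering log files to the bucket.
    if status.get("LatestDeliveryError"):
        findings.append("S3 delivery error: " + status["LatestDeliveryError"])
    # Assumed to be the value behind "Last log file delivered" in the console.
    last = status.get("LatestDeliveryTime")
    if last is None:
        findings.append("no log file has been delivered")
    elif now - last > max_age:
        findings.append("last delivery is stale: " + last.isoformat())
    return findings

def audit_account(region):
    """Live check; needs boto3 and AWS credentials (not exercised offline)."""
    import boto3
    client = boto3.client("cloudtrail", region_name=region)
    now = datetime.now(timezone.utc)
    return {t["TrailARN"]: delivery_findings(
                client.get_trail_status(Name=t["TrailARN"]), now)
            for t in client.describe_trails()["trailList"]}

# Constructed sample responses (not real account data).
NOW = datetime(2024, 1, 10, 12, 0, tzinfo=timezone.utc)
SAMPLES = {
    "healthy-trail": {"IsLogging": True,
                      "LatestDeliveryTime": NOW - timedelta(hours=1)},
    "broken-bucket": {"IsLogging": True, "LatestDeliveryError": "AccessDenied",
                      "LatestDeliveryTime": NOW - timedelta(days=3)},
    "never-delivered": {"IsLogging": True},
}

def audit_samples():
    """Evaluate the constructed samples against the fixed NOW timestamp."""
    return {name: delivery_findings(s, NOW) for name, s in SAMPLES.items()}

if __name__ == "__main__":
    for name, findings in audit_samples().items():
        print(name, "OK" if not findings else findings)
```

An empty findings list for a trail means its last delivery succeeded recently; any entry indicates the trail still needs the remediation above or a corrected bucket policy.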

Service

CloudTrail

Severity

Medium

Compliance

Mapping
