Severity: Low | Service: CloudTrail | Scope: Regional

CloudTrail trails should be integrated with Amazon CloudWatch Logs

PCI DSS, CIS, NIST

Description

This control checks whether each CloudTrail trail is configured to deliver its events to a CloudWatch Logs log group, that is, whether the trail has both a CloudWatch Logs log group ARN and an IAM role that CloudTrail can assume to write to it. A trail that only delivers log files to an S3 bucket fails the control.


Remediation

To comply with this control, configure every AWS CloudTrail trail to send its events to Amazon CloudWatch Logs in addition to S3. CloudWatch Logs delivery is what makes near real-time monitoring of API activity possible: metric filters and alarms (for example for root account use, console sign-ins without MFA, or IAM policy changes, as required by the CIS monitoring controls) can only be built on a log group, not on log files sitting in an S3 bucket.

Steps

  1. Sign in to the AWS Management Console and open the CloudTrail console at https://console.aws.amazon.com/cloudtrail/.
  2. In the CloudTrail console, click on 'Trails' in the left navigation pane.
  3. Select the trail you want to integrate with CloudWatch Logs.
  4. In the trail details pane, click on the pencil icon next to 'CloudWatch Logs'.
  5. In the 'Edit trail' screen, under 'CloudWatch Logs', set 'Send log files to CloudWatch Logs' to Yes.
  6. Specify a new or existing log group in CloudWatch Logs for the trail. The log group must be in the trail's home region; a multi-region trail delivers events from all regions to that single log group.
  7. If needed, create a new IAM role or select an existing role that CloudTrail can assume. The role needs a trust policy for the cloudtrail.amazonaws.com service principal and permission for logs:CreateLogStream and logs:PutLogEvents on the log group's streams.
  8. Click on the 'Save' button to apply the changes.
  9. Verify delivery rather than just configuration: in the trail's status (or 'aws cloudtrail get-trail-status'), LatestCloudWatchLogsDeliveryTime should advance and LatestCloudWatchLogsDeliveryError should be empty. A trail whose delivery role was later deleted or whose log group was removed still looks configured but delivers nothing.
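The following Python script is an added example, not part of this control page or any scanning tool. It evaluates the JSON that 'aws cloudtrail describe-trails' and 'aws cloudtrail get-trail-status' return (the samples below are constructed stand-ins, with a made-up account id, trail names and role name), flags trails that fail the control, checks that delivery is actually healthy, and prints the AWS CLI commands that implement console steps 5 to 8 for each failing trail. The role policy it emits uses a 'log-stream:*' resource, which is broader than the stream prefix AWS documents; treat it as an assumption to tighten.

```python
"""Evaluate CloudTrail trails for CloudWatch Logs integration and emit the fix.
Added example; account id, trail names, role name and the JSON samples are
constructed stand-ins for real describe-trails / get-trail-status output."""
import json
from datetime import datetime, timedelta

ACCOUNT = "111122223333"                      # constructed account id
ROLE_NAME = "CloudTrail_CloudWatchLogs_Role"  # assumed role name

# Constructed sample of `aws cloudtrail describe-trails` output: one compliant
# trail, one that only writes to S3, one with a log group but no delivery role.
DESCRIBE_TRAILS = json.loads("""
{"trailList": [
  {"Name": "management-events", "HomeRegion": "us-east-1", "IsMultiRegionTrail": true,
   "TrailARN": "arn:aws:cloudtrail:us-east-1:111122223333:trail/management-events",
   "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:111122223333:log-group:CloudTrail/DefaultLogGroup:*",
   "CloudWatchLogsRoleArn": "arn:aws:iam::111122223333:role/CloudTrail_CloudWatchLogs_Role"},
  {"Name": "s3-only", "HomeRegion": "eu-west-1", "IsMultiRegionTrail": false,
   "TrailARN": "arn:aws:cloudtrail:eu-west-1:111122223333:trail/s3-only"},
  {"Name": "half-configured", "HomeRegion": "us-west-2", "IsMultiRegionTrail": false,
   "TrailARN": "arn:aws:cloudtrail:us-west-2:111122223333:trail/half-configured",
   "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-west-2:111122223333:log-group:CloudTrail/half:*"}
]}
""")

# Constructed sample of `aws cloudtrail get-trail-status` output, keyed by trail name.
TRAIL_STATUS = {
    "management-events": {"IsLogging": True,
                          "LatestCloudWatchLogsDeliveryTime": "2024-05-01T10:05:00+00:00"},
    "s3-only": {"IsLogging": True},
    "half-configured": {"IsLogging": True,
                        "LatestCloudWatchLogsDeliveryTime": "2024-04-28T09:00:00+00:00",
                        "LatestCloudWatchLogsDeliveryError": "AccessDenied"},
}
NOW = "2024-05-01T10:30:00+00:00"  # constructed evaluation time


def evaluate_trail(trail):
    """Return (status, reason) for one describe-trails entry. PASS requires both
    a log group ARN and the IAM role CloudTrail assumes to write to it."""
    if not trail.get("CloudWatchLogsLogGroupArn"):
        return "FAIL", "no CloudWatch Logs log group configured"
    if not trail.get("CloudWatchLogsRoleArn"):
        return "FAIL", "log group set but no CloudWatchLogsRoleArn"
    return "PASS", "delivers to " + trail["CloudWatchLogsLogGroupArn"]


def evaluate_trails(describe_output):
    """Apply evaluate_trail to every trail; returns a list of finding dicts."""
    findings = []
    for trail in describe_output["trailList"]:
        status, reason = evaluate_trail(trail)
        findings.append({"Name": trail["Name"], "HomeRegion": trail.get("HomeRegion"),
                         "Status": status, "Reason": reason})
    return findings


def delivery_healthy(status, now=NOW, max_age=timedelta(hours=1)):
    """Configuration is not proof of delivery: get-trail-status must show a
    recent, error-free LatestCloudWatchLogsDeliveryTime (ISO 8601 strings)."""
    if status.get("LatestCloudWatchLogsDeliveryError"):
        return False
    last = status.get("LatestCloudWatchLogsDeliveryTime")
    if not last:
        return False
    return datetime.fromisoformat(now) - datetime.fromisoformat(last) <= max_age


def delivery_report(statuses, now=NOW):
    """Map trail name -> True/False delivery health."""
    return {name: delivery_healthy(st, now) for name, st in statuses.items()}


def delivery_role_policies(region, account_id, log_group_name):
    """Trust policy and permissions the delivery role needs (console step 7).
    The log-stream:* resource is an assumption; AWS scopes it to a stream prefix."""
    trust = {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Principal": {"Service": "cloudtrail.amazonaws.com"},
        "Action": "sts:AssumeRole"}]}
    perms = {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Action": ["logs:CreateLogStream", "logs:PutLogEvents"],
        "Resource": f"arn:aws:logs:{region}:{account_id}:log-group:{log_group_name}:log-stream:*"}]}
    return trust, perms


def remediation_commands(trail, account_id=ACCOUNT,
                         log_group_name="CloudTrail/DefaultLogGroup", role_name=ROLE_NAME):
    """AWS CLI equivalent of console steps 5-8 for one failing trail, returned as
    strings (not executed). update-trail must run in the trail's home region, and
    create-log-group is skipped in practice if the group already exists."""
    region = trail["HomeRegion"]
    log_group_arn = f"arn:aws:logs:{region}:{account_id}:log-group:{log_group_name}:*"
    role_arn = f"arn:aws:iam::{account_id}:role/{role_name}"
    return [
        f"aws logs create-log-group --region {region} --log-group-name {log_group_name}",
        f"aws cloudtrail update-trail --region {region} --name {trail['Name']} "
        f"--cloud-watch-logs-log-group-arn {log_group_arn} --cloud-watch-logs-role-arn {role_arn}",
    ]


if __name__ == "__main__":
    for f in evaluate_trails(DESCRIBE_TRAILS):
        print(f"{f['Status']:4} {f['Name']:20} {f['Reason']}")
    print("delivery healthy:", delivery_report(TRAIL_STATUS))
    for trail in DESCRIBE_TRAILS["trailList"]:
        if evaluate_trail(trail)[0] == "FAIL":
            print("\n".join(remediation_commands(trail)))
```

Run against real output by replacing DESCRIBE_TRAILS with the parsed result of 'aws cloudtrail describe-trails --include-shadow-trails' and TRAIL_STATUS with one get-trail-status call per trail ARN. The delivery check is the part the console steps alone do not give you: the 'half-configured' sample is configured but its last delivery is days old and errored, so it should be treated as failing even though a naive configuration check would pass it once a role ARN is added.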

Compliance

PCI DSS, CIS, NIST