Medium RDS Regional

RDS DB instances should publish logs to CloudWatch Logs

NIST, ISO 27001, HIPAA

Description

Checks whether RDS DB instances have database logging enabled, that is, whether they publish their logs to CloudWatch Logs. The check also fetches the tags associated with each RDS instance.


Remediation

To enable database logging for the identified RDS instance, follow these steps:

Steps

  1. Sign in to the AWS Management Console and open the Amazon RDS console.
  2. In the navigation pane, choose 'Databases'.
  3. Select the identified RDS instance that requires database logging to be enabled.
  4. Choose 'Modify'.
  5. In the 'Database Options' section, locate the 'Log Exports' setting.
  6. Select the types of logs you want to enable (e.g., error logs, general logs, slow query logs).
  7. Scroll to the bottom of the page and choose 'Continue'.
  8. On the summary page, review your changes. Select 'Apply immediately' to enable logging right away, or leave it unselected to apply the changes during the next maintenance window.
  9. Click 'Modify DB Instance' to apply the changes.
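
The same check and remediation can be scripted. The following is an added example, not part of the original check: it audits output shaped like `aws rds describe-db-instances` and builds the matching `aws rds modify-db-instance` command for each instance that falls short. The `REQUIRED` baseline, the `audit` function and the sample instances are assumptions made for illustration.

```python
import json
import shlex

# Assumed baseline for this example: log types each engine must export.
# The MySQL/MariaDB entries are the error, general and slow query logs of step 6.
REQUIRED = {
    "mysql": ["error", "general", "slowquery"],
    "mariadb": ["error", "general", "slowquery"],
    "postgres": ["postgresql"],
}

def audit(response, apply_immediately=False):
    """Return a finding for each instance whose CloudWatch log exports fall short."""
    findings = []
    for db in response.get("DBInstances", []):
        enabled = set(db.get("EnabledCloudwatchLogsExports") or [])
        required = REQUIRED.get(db.get("Engine"))
        missing = [t for t in (required or []) if t not in enabled]
        if missing:
            cfg = json.dumps({"EnableLogTypes": missing}, separators=(",", ":"))
            flag = "--apply-immediately" if apply_immediately else "--no-apply-immediately"
            fix = (f"aws rds modify-db-instance --db-instance-identifier "
                   f"{shlex.quote(db['DBInstanceIdentifier'])} "
                   f"--cloudwatch-logs-export-configuration {shlex.quote(cfg)} {flag}")
        elif required is None and not enabled:
            fix = None  # engine outside the baseline, nothing exported: pick types by hand
        else:
            continue
        findings.append({
            "id": db["DBInstanceIdentifier"],
            "engine": db.get("Engine"),
            "missing": missing,
            "tags": {t["Key"]: t["Value"] for t in db.get("TagList", [])},
            "fix": fix,
        })
    return findings

# Constructed sample shaped like `aws rds describe-db-instances` output.
SAMPLE = {"DBInstances": [
    {"DBInstanceIdentifier": "orders-db", "Engine": "mysql",
     "EnabledCloudwatchLogsExports": ["error"],
     "TagList": [{"Key": "env", "Value": "prod"}]},
    {"DBInstanceIdentifier": "reports-db", "Engine": "postgres",
     "EnabledCloudwatchLogsExports": ["postgresql", "upgrade"], "TagList": []},
    {"DBInstanceIdentifier": "legacy-db", "Engine": "sqlserver-se", "TagList": []},
]}

if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE), indent=2))
```

Passing `apply_immediately=True` corresponds to selecting 'Apply immediately' in step 8; the default defers the change to the next maintenance window.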

Compliance

NIST, ISO 27001, HIPAA