Low
WAF
Regional
AWS WAF web ACL logging should be enabled
NISTISO 27001HIPAA
Description
This control checks whether logging is activated for an AWS WAFv2 web ACL. The control fails if logging is deactivated for the web ACL.
Remediation
To activate logging for an AWS WAFv2 web ACL, refer to the AWS WAF Developer Guide.
Steps
- Navigate to the AWS WAF console.
- Select the appropriate Web ACL.
- Activate logging for the selected Web ACL.
Compliance
NISTISO 27001HIPAA