Low

Ensure DocumentDB clusters have Log Exports feature enabled

Security & Compliance
Description

Ensuring that your DocumentDB clusters have Log Exports feature enabled is an important step in monitoring and troubleshooting your database instances. Log Exports allow you to capture logs from your DocumentDB instances and export them to Amazon S3 or other destinations for further analysis and processing.By enabling Log Exports, you can capture detailed logs of database activity, including queries, errors, and other important events. These logs can be used to diagnose issues, identify performance bottlenecks, and monitor compliance with industry regulations and best practices.

Remediation

Here are some general remediation steps that you can follow to ensure that your DocumentDB clusters have Log Exports feature enabled:

  1. Review current log export settings: First, review the current log export settings of your DocumentDB cluster. You can do this by navigating to the DocumentDB dashboard in the AWS Management Console and selecting the cluster you want to review.
  2. Enable Log Exports: If Log Exports is not already enabled for your cluster, enable it by going to the "Log Exports" section of your DocumentDB cluster and configuring the desired log types, destinations, and other settings.
  3. Verify changes: After enabling Log Exports, verify that the changes have been applied successfully. You can do this by checking the cluster details in the DocumentDB dashboard.
  4. Monitor log exports: Once Log Exports is enabled, monitor the logs that are being exported to ensure that they are capturing the desired events and that they are being sent to the desired destinations.
  5. Analyze logs: Use the exported logs to analyze database activity, diagnose issues, identify performance bottlenecks, and monitor compliance with industry regulations and best practices.

By following these steps, you can ensure that your DocumentDB clusters have Log Exports feature enabled and that you can capture valuable logs for monitoring and troubleshooting your database instances.

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.

Step into the Future of SecOps