CloudSploit

AWS / ELB / ELB Logging Enabled

Quick Info

| | |
| --- | --- |
| Plugin Title | ELB Logging Enabled |
| Cloud | AWS |
| Category | ELB |
| Description | Ensures load balancers have request logging enabled. |
| More Info | Logging requests to ELB endpoints is a helpful way of detecting and investigating potential attacks, malicious activity, or misuse of backend resources. Logs can be sent to S3 and processed for further analysis. |
| AWS Link | http://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html |
| Recommended Action | Enable ELB request logging |

Detailed Remediation Steps

  1. Log in to the AWS Management Console.
  2. Select the "Services" option and search for EC2.
  3. In the "EC2 Dashboard", scroll down to "Load Balancing" and click on "Load Balancers" to open the "Load Balancers" dashboard.
  4. Select the "Load Balancer" which needs to be verified.
  5. Select the "Description" tab from the bottom panel and scroll down to the "Attributes" option.
  6. Check the "Access logs" setting. If it is "Disabled", then the "Access logs" feature is not enabled on the selected "Load Balancer". Access logs deliver detailed logs of all requests made to "Elastic Load Balancing".
  7. Click on the "Configure access logs" button and select the "Enable access logs" checkbox in the pop-up. Specify the S3 location and prefix for the S3 bucket that will store the log files, and select the "Create this location for me" checkbox so AWS can create a new bucket. If you don't select the "Create this location for me" checkbox, provide the name of an existing bucket for the selected "Load Balancer". Access logs deliver detailed logs of all requests made to "Elastic Load Balancing". Click on the "Save" button to make the necessary changes.
  8. The S3 bucket and the Load Balancer need to exist in the same zone.
  9. The selected "Load Balancer" now has request logging enabled.
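
The verification in steps 4 to 6 can also be run over API output instead of the console. The following is an added example, not CloudSploit's plugin code; it goes beyond the console walkthrough by handling both the Classic and the ALB/NLB attribute response shapes returned by boto3. The load balancer labels, the bucket name and the `collect_live` helper are assumptions, and `collect_live` reads only the first page of results.

```python
# Added example, not CloudSploit code. Response shapes follow boto3 elb/elbv2.
def access_log_status(attrs):
    """Return (enabled, bucket, prefix) for a Classic or ALB/NLB response."""
    if "LoadBalancerAttributes" in attrs:  # Classic ELB shape
        log = attrs["LoadBalancerAttributes"].get("AccessLog", {})
        return bool(log.get("Enabled")), log.get("S3BucketName"), log.get("S3BucketPrefix")
    kv = {a["Key"]: a["Value"] for a in attrs.get("Attributes", [])}  # ALB/NLB shape
    return (kv.get("access_logs.s3.enabled") == "true",
            kv.get("access_logs.s3.bucket") or None, kv.get("access_logs.s3.prefix") or None)

def audit(inventory):
    """inventory maps a label to an attribute response; returns (label, status, detail)."""
    findings = []
    for label, attrs in sorted(inventory.items()):
        enabled, bucket, prefix = access_log_status(attrs)
        if enabled and bucket:
            findings.append((label, "PASS", f"s3://{bucket}/{prefix or ''}"))
        else:
            findings.append((label, "FAIL", "access logs disabled"))
    return findings

def collect_live(region):
    """Fetch attributes for load balancers in one region (first result page only)."""
    import boto3  # imported lazily so the sample run below needs no AWS SDK
    elb = boto3.client("elb", region_name=region)
    elbv2 = boto3.client("elbv2", region_name=region)
    inv = {}
    for lb in elb.describe_load_balancers()["LoadBalancerDescriptions"]:
        name = lb["LoadBalancerName"]
        inv[f"classic/{name}"] = elb.describe_load_balancer_attributes(LoadBalancerName=name)
    for lb in elbv2.describe_load_balancers()["LoadBalancers"]:
        if lb.get("Type") == "gateway":  # Gateway Load Balancers have no access logs
            continue
        inv[f"v2/{lb['LoadBalancerName']}"] = elbv2.describe_load_balancer_attributes(
            LoadBalancerArn=lb["LoadBalancerArn"])
    return inv

# Constructed sample responses; labels and bucket name are placeholders.
SAMPLE = {
    "classic/web-legacy": {"LoadBalancerAttributes": {"AccessLog": {"Enabled": False}}},
    "classic/api-legacy": {"LoadBalancerAttributes": {"AccessLog": {
        "Enabled": True, "S3BucketName": "example-elb-logs", "S3BucketPrefix": "api"}}},
    "v2/app-front": {"Attributes": [
        {"Key": "access_logs.s3.enabled", "Value": "true"},
        {"Key": "access_logs.s3.bucket", "Value": "example-elb-logs"}]},
    "v2/app-internal": {"Attributes": [{"Key": "access_logs.s3.enabled", "Value": "false"}]},
}

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

To run it against an account, pass the result of `collect_live("<region>")` to `audit` with credentials that allow the describe calls.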