| Plugin Title | ELB Logging Enabled |
| Cloud | AWS |
| Category | ELB |
| Description | Ensures load balancers have request logging enabled. |
| More Info | Logging requests to ELB endpoints is a helpful way of detecting and investigating potential attacks, malicious activity, or misuse of backend resources.Logs can be sent to S3 and processed for further analysis. |
| AWS Link | http://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html |
| Recommended Action | Enable ELB request logging |
- Log into the AWS Management Console.
- Select the "Services" option and search for EC2.
- In the "EC2 Dashboard" scroll down and look for "Load Balancers" and click on "Load Balancers" to get into "Load Balancers" dashboard.
- Select the "Load Balancer" which needs to be verified.
- Select the "Description" tab from the bottom panel and scroll down to "Attributes" option.
- Check the "Access logs" and if it's "Disabled" than the "Access logs" feature is not enabled on the selected "Load Balancer". Access Logs delivers detailed logs of all requests made to "Elastic Load Balancing".
- Click on "Edit attributes" button and click on "Enable" checkbox next to "Access Logs". Specify the S3 location and prefix for the S3 bucket to store the log files and click on "Create this location for me" checkbox so AWS can create a new bucket. If you don't click on "Create this location for me" checkbox provide name of the existing bucket.
he selected "Load Balancer". Access Logs delivers detailed logs of all requests made to "Elastic Load Balancing".
- Click on the "Save" button to make the necessary changes.
- S3 bucket and Load Balancer needs to exist in the same zone.
- Selected "Load Balancer" have request logging enabled now.
