Loading controls...
Benchmark: 164.308(a)(1)(ii)(D) Information system activity review
Description
Implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports.
Usage
Browse dashboards and select 164.308(a)(1)(ii)(D) Information system activity review:
steampipe dashboardOr run the benchmarks in your terminal:
steampipe check aws_compliance.benchmark.hipaa_final_omnibus_security_rule_2013_164_308_a_1_ii_dSnapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share aws_compliance.benchmark.hipaa_final_omnibus_security_rule_2013_164_308_a_1_ii_dControls
- API Gateway stage logging should be enabled
- CloudFront distributions access logs should be enabled
- At least one multi-region AWS CloudTrail should be present in an account
- All S3 buckets should log S3 data events in CloudTrail
- At least one enabled trail should be present in a region
- CloudTrail trails should be integrated with CloudWatch logs
- CloudTrail trail logs should be encrypted with KMS CMK
- CloudTrail trail log file validation should be enabled
- CodeBuild projects should have logging enabled
- ELB application and classic load balancer logging should be enabled
- GuardDuty should be enabled
- Database logging should be enabled
- Redshift cluster audit logging and encryption should be enabled
- S3 bucket logging should be enabled
- AWS Security Hub should be enabled for an AWS Account
- VPC flow logs should be enabled
- WAF web ACL logging should be enabled
- Logging should be enabled on AWS WAFv2 regional and global web access control list (ACLs)