Rule: Maintain Log Group Retention Period
Ensure log group retention period is set to a minimum of 365 days for compliance
| Rule | Log group retention period should be at least 365 days |
| Framework | GxP 21 CFR Part 11 |
| Severity | ✔ High |
Rule Description
The rule requires that the retention period for the log group should be set to a minimum of 365 days for compliance with GxP (Good Practices) and 21 CFR Part 11 regulations. This regulation ensures that the log data generated by systems and applications relevant to GxP processes are retained for a sufficient duration to meet compliance requirements.
Troubleshooting Steps
If the log group retention period is not set to at least 365 days, it may result in non-compliance with GxP and 21 CFR Part 11 regulations. To troubleshoot and rectify this issue, follow these steps:
- 1.
Step 1: Identify the AWS account and the specific log group that requires modification. Make a note of the log group details for future reference.
- 2.
Step 2: Verify the current retention period of the log group. You can do this by logging into the AWS Management Console and navigating to the Amazon CloudWatch service.
- 3.
Step 3: Once in CloudWatch, click on "Logs" in the left-hand menu to access the log groups.
- 4.
Step 4: Locate the specific log group that needs adjustment and select it. The log group details will appear on the right side of the console.
- 5.
Step 5: Check the "Retention" setting for the log group. If it is set to a value less than 365, it needs to be updated.
- 6.
Step 6: Click on the "Actions" dropdown menu and select "Modify retention".
- 7.
Step 7: In the "Modify Retention" dialog box, enter "365" as the new retention period. Ensure that it is set to the appropriate number of days according to the regulation requirements.
- 8.
Step 8: Click "Save" to update the retention period for the log group.
- 9.
Step 9: Repeat the above steps for any other log groups that require the retention period adjustment.
Necessary Codes
In most cases, modifying the log group retention period is done through the AWS Management Console as described in the troubleshooting steps. However, if you prefer to use AWS CLI (Command Line Interface) to update the retention period, you can use the following command:
aws logs put-retention-policy --log-group-name <log-group-name> --retention-in-days 365
Replace
<log-group-name>Remember to have the AWS CLI installed and properly configured before executing the command.
Remediation Guide
Follow these steps to remediate the log group retention period to comply with GxP 21 CFR Part 11 regulations:
- 1.
Log in to the AWS Management Console.
- 2.
Navigate to the Amazon CloudWatch service.
- 3.
Click on "Logs" in the left-hand menu to access the log groups.
- 4.
Identify the log group that requires the retention period modification.
- 5.
Select the log group and make a note of its details.
- 6.
Check the current retention period and ensure it is set to a value of at least 365 days.
- 7.
If the retention period is less than 365 days, click on the "Actions" dropdown menu and select "Modify retention".
- 8.
In the "Modify Retention" dialog box, enter "365" as the new retention period.
- 9.
Click "Save" to update the retention period for the log group.
- 10.
Repeat the above steps for any other log groups that require the retention period adjustment.
- 11.
Verify that the retention period has been successfully modified by checking the log group details.
By following these steps, the log group retention period will be set to a minimum of 365 days, ensuring compliance with GxP 21 CFR Part 11 regulations.