Enable ELB Application and Classic Load Balancer Logging Rule

This rule ensures that access logging is enabled for ELB Application and Classic Load Balancers.

Rule: ELB application and classic load balancer logging should be enabled
Framework: NIST 800-171 Revision 2
Severity: High

Rule Description:

ELB (Elastic Load Balancer) application and classic load balancer logging should be enabled for NIST (National Institute of Standards and Technology) 800-171 Revision 2 compliance. Enabling logging for the load balancer helps in capturing important information for monitoring, auditing, and compliance purposes.

Troubleshooting Steps:

  1. Verify if the load balancer exists in your AWS account.
  2. Ensure that your AWS account has the necessary permissions to enable logging for the load balancer.
  3. Check if the logging feature is supported for the load balancer type you are using (application or classic).
  4. Review the load balancer's configurations to ensure it meets the requirements for NIST 800-171 Revision 2 compliance.
  5. Make sure that the load balancer's access logs are being directed to an appropriate destination (e.g., S3 bucket) for storage and analysis.

Necessary Codes:

No specific codes are necessary for this rule. Configuration settings need to be adjusted using AWS Management Console, AWS CLI, or AWS SDKs.

Step-by-step Guide for Remediation:

  1. Sign in to the AWS Management Console.

For Application Load Balancer:

  1. Go to the EC2 Dashboard.
  2. In the navigation pane, click on "Load Balancers."
  3. Select the target Application Load Balancer from the list.
  4. Click on the "Listeners" tab.
  5. Scroll down to the "Access logs" section.
  6. Click on "Edit."
  7. Enable the "Access logs" toggle switch.
  8. Choose an existing S3 bucket or create a new one to store the logs.
  9. Set the desired log prefix and interval.
  10. Click on "Save" to enable logging for the Application Load Balancer.

For Classic Load Balancer:

  1. Go to the EC2 Dashboard.
  2. In the navigation pane, click on "Load Balancers."
  3. Select the target Classic Load Balancer from the list.
  4. Click on the "Attributes" tab.
  5. Scroll down to the "Access Logs" section.
  6. Click on "Edit."
  7. Enable the "Enable Access Logs" checkbox.
  8. Choose an existing S3 bucket or create a new one to store the logs.
  9. Set the desired log prefix and interval.
  10. Click on "Save" to enable logging for the Classic Load Balancer.

Validation:

After enabling logging for the load balancer, perform the following steps to validate that logs are being generated correctly:

  1. Check the designated S3 bucket for log file presence.
  2. Review the log files to ensure that they contain the required information and are being updated regularly.
  3. Utilize AWS CloudWatch Logs or other log analysis tools to analyze and monitor the captured logs.
  4. Conduct periodic checks to ensure that logging remains enabled and functional for compliance with NIST 800-171 Revision 2.
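The periodic check in step 4 can be automated against the attribute shapes the AWS API returns: an Application Load Balancer reports a flat `access_logs.s3.*` key/value list of strings, while a Classic Load Balancer reports a nested `AccessLog` object with a real boolean. The following is an added example, not part of this rule's tooling or the AWS SDK; it works on constructed sample responses (bucket name and prefix included) and makes no AWS calls.

```python
# Pure-function audit helpers for the ELB access-logging rule; they run offline on constructed boto3-shaped dicts.
from typing import Dict, List, Tuple

# elbv2.describe_load_balancer_attributes(...)["Attributes"] for an Application Load
# Balancer is a flat key/value list of strings (constructed sample, logging off).
SAMPLE_ALB_ATTRIBUTES: List[Dict[str, str]] = [
    {"Key": "access_logs.s3.enabled", "Value": "false"},
    {"Key": "access_logs.s3.bucket", "Value": ""},
    {"Key": "access_logs.s3.prefix", "Value": ""},
]

# elb.describe_load_balancer_attributes(...)["LoadBalancerAttributes"] for a Classic
# Load Balancer nests an AccessLog object with a real bool (constructed sample, logging on).
SAMPLE_CLB_ATTRIBUTES: Dict = {
    "AccessLog": {
        "Enabled": True,
        "S3BucketName": "example-elb-logs",  # constructed bucket name
        "EmitInterval": 60,
        "S3BucketPrefix": "prod/clb",
    }
}

def alb_logging_compliant(attributes: List[Dict[str, str]]) -> Tuple[bool, str]:
    """Pass only if the enabled flag is the string 'true' AND a bucket is set."""
    kv = {a["Key"]: a["Value"] for a in attributes}
    if kv.get("access_logs.s3.enabled", "false").lower() != "true":
        return False, "access_logs.s3.enabled is not true"
    if not kv.get("access_logs.s3.bucket"):
        return False, "access_logs.s3.bucket is empty"
    return True, "access logs enabled to s3://" + kv["access_logs.s3.bucket"]

def clb_logging_compliant(lb_attributes: Dict) -> Tuple[bool, str]:
    """Classic LB: AccessLog.Enabled is a bool and S3BucketName must be non-empty."""
    log = lb_attributes.get("AccessLog") or {}
    if not log.get("Enabled", False):
        return False, "AccessLog.Enabled is false"
    if not log.get("S3BucketName"):
        return False, "AccessLog.S3BucketName is empty"
    return True, "access logs enabled to s3://" + log["S3BucketName"]

def alb_remediation_attributes(bucket: str, prefix: str = "") -> List[Dict[str, str]]:
    """Attributes payload for elbv2.modify_load_balancer_attributes(Attributes=...)."""
    return [
        {"Key": "access_logs.s3.enabled", "Value": "true"},
        {"Key": "access_logs.s3.bucket", "Value": bucket},
        {"Key": "access_logs.s3.prefix", "Value": prefix},
    ]

if __name__ == "__main__":
    print(alb_logging_compliant(SAMPLE_ALB_ATTRIBUTES), clb_logging_compliant(SAMPLE_CLB_ATTRIBUTES))
```

Feeding the output of `alb_remediation_attributes` back into `alb_logging_compliant` confirms the remediation payload satisfies the same check the audit applies.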
