
Enable ELB Application and Classic Load Balancer Logging Rule

This rule requires enabling logging for ELB application and classic load balancers.

Rule: ELB application and classic load balancer logging should be enabled
Framework: NIST 800-53 Revision 5
Severity: High

Rule Description: ELB Application and Classic Load Balancer Logging for NIST 800-53 Revision 5

NIST 800-53 Revision 5 is a catalog of security and privacy controls for federal information systems and organizations. To satisfy its logging and monitoring controls, access logging must be enabled on Elastic Load Balancer (ELB) Application and Classic Load Balancers so that traffic and security events can be monitored and analyzed.

Troubleshooting Steps:

  1. Verify that the Elastic Load Balancer (ELB) is created and associated with the appropriate resources.
  2. Check whether access logging is enabled for the ELB. If not, configure it with the necessary settings.
  3. Ensure that the IAM role associated with the ELB has appropriate permissions to write logs to the desired log storage location.

Necessary Code:

No application code is required to enable logging for ELB Application and Classic Load Balancers; it is a load balancer attribute that is set through the AWS Management Console or the AWS CLI.

Step-by-step Guide:

Enable Logging using AWS Management Console:

  1. Open the AWS Management Console and navigate to the EC2 service.
  2. In the navigation pane, click on "Load Balancers" to list all the available load balancers.
  3. Select the ELB Application or Classic Load Balancer for which you want to enable logging.
  4. Under the "Attributes" tab, click on "Edit" in the "Access logs" section.
  5. Tick the "Enable access logs" checkbox and specify the desired log storage location (an S3 bucket) and prefix.
  6. Choose the desired log file format and click on "Save" to enable logging.

Enable Logging using CLI Commands:

  1. Open the AWS CLI or a terminal with the AWS CLI configured.
  2. Use the following command to enable logging for an ELB Application Load Balancer:
     aws elbv2 modify-load-balancer-attributes --load-balancer-arn <ELB_ARN> --attributes "Key=access_logs.s3.enabled,Value=true" "Key=access_logs.s3.bucket,Value=<BUCKET_NAME>" "Key=access_logs.s3.prefix,Value=<PREFIX>"
  3. Use the following command to enable logging for a Classic Load Balancer (the attribute is a nested AccessLog object, so it is passed as JSON; EmitInterval is the publishing interval in minutes and accepts 5 or 60):
     aws elb modify-load-balancer-attributes --load-balancer-name <ELB_NAME> --load-balancer-attributes "{\"AccessLog\":{\"Enabled\":true,\"S3BucketName\":\"<BUCKET_NAME>\",\"EmitInterval\":60,\"S3BucketPrefix\":\"<PREFIX>\"}}"

Note: Replace <ELB_ARN> with the ARN (Amazon Resource Name) of the ELB Application Load Balancer, <BUCKET_NAME> with the desired S3 bucket name, <PREFIX> with the desired log file prefix, and <ELB_NAME> with the name of the Classic Load Balancer.
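The following is an added example, not part of the original page or of the Cloud Defense product: it evaluates the rule above against the JSON that `aws elbv2 describe-load-balancer-attributes` (Application Load Balancer) and `aws elb describe-load-balancer-attributes` (Classic Load Balancer) return, flagging any load balancer whose access logging is off or has no destination bucket. The sample responses are constructed for the example; bucket and prefix names are placeholders.

```python
"""Compliance check for ELB access logging (ALB and Classic) over CLI output."""
import json

# Constructed sample responses (not captured from a real account).
# ALB attributes arrive as a flat list of Key/Value pairs with string values.
ALB_ENABLED = json.dumps({"Attributes": [
    {"Key": "access_logs.s3.enabled", "Value": "true"},
    {"Key": "access_logs.s3.bucket", "Value": "example-elb-logs"},
    {"Key": "access_logs.s3.prefix", "Value": "prod/alb"},
]})
ALB_DISABLED = json.dumps({"Attributes": [
    {"Key": "access_logs.s3.enabled", "Value": "false"},
    {"Key": "deletion_protection.enabled", "Value": "true"},
]})
# Classic LB attributes arrive as a nested AccessLog object with real booleans.
CLB_ENABLED = json.dumps({"LoadBalancerAttributes": {"AccessLog": {
    "Enabled": True, "S3BucketName": "example-elb-logs",
    "EmitInterval": 60, "S3BucketPrefix": "prod/clb"}}})
CLB_DISABLED = json.dumps({"LoadBalancerAttributes": {
    "AccessLog": {"Enabled": False}}})


def alb_logging(attrs_json: str) -> dict:
    """Normalize ALB attributes to {'enabled', 'bucket', 'prefix'}."""
    kv = {a["Key"]: a["Value"] for a in json.loads(attrs_json)["Attributes"]}
    # The elbv2 API reports booleans as the strings "true" / "false".
    return {"enabled": kv.get("access_logs.s3.enabled") == "true",
            "bucket": kv.get("access_logs.s3.bucket") or None,
            "prefix": kv.get("access_logs.s3.prefix") or None}


def clb_logging(attrs_json: str) -> dict:
    """Normalize Classic LB attributes to the same shape as alb_logging()."""
    log = json.loads(attrs_json)["LoadBalancerAttributes"].get("AccessLog", {})
    return {"enabled": bool(log.get("Enabled")),
            "bucket": log.get("S3BucketName") or None,
            "prefix": log.get("S3BucketPrefix") or None}


def is_compliant(state: dict) -> bool:
    """The rule passes only when logging is on AND a destination bucket is set."""
    return state["enabled"] and state["bucket"] is not None


def findings(load_balancers: dict) -> list:
    """Return the names of load balancers that fail the rule.

    load_balancers maps a name to (kind, attributes_json), kind in {"alb", "clb"}.
    """
    parse = {"alb": alb_logging, "clb": clb_logging}
    return sorted(name for name, (kind, raw) in load_balancers.items()
                  if not is_compliant(parse[kind](raw)))
```

Wire `findings()` to the real CLI output with `aws elbv2 describe-load-balancer-attributes --load-balancer-arn <ELB_ARN>` and `aws elb describe-load-balancer-attributes --load-balancer-name <ELB_NAME>`, one call per load balancer.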

Once enabled, the ELB Application or Classic Load Balancer starts delivering access logs to the specified S3 location, allowing you to monitor and analyze traffic and security events as required by NIST 800-53 Revision 5.
