Rule: ELB Application and Classic Load Balancer Logging Enabled

Rule Description:

Troubleshooting Steps:

2. 1.

   Verify Load Balancer Configuration: Ensure that the ELB application or classic load balancer is properly configured. Check if the load balancer is associated with the desired target instances and the necessary security groups.

4. 2.

   Check Logging Settings: Confirm if the logging feature is enabled for the ELB application or classic load balancer. If logging is already enabled, proceed to the next step. Otherwise, proceed to enable logging.

6. 3.

   Enable Logging: Enable logging in the load balancer configuration settings. This can usually be done through the management console or by using the AWS Command Line Interface (CLI). If you are using the CLI, execute the following command:

   aws elbv2 modify-load-balancer-attributes --load-balancer-arn <load_balancer_arn> --attributes Key=access_logs.s3.enabled,Value=true
   

   Note: Replace

   <load_balancer_arn>

   with the actual ARN (Amazon Resource Name) of your load balancer.

8. 4.

   Verify Log Destination: Ensure that the log data generated by the load balancer is stored in an appropriate destination. This can be an S3 bucket, CloudWatch Logs, or any other preferred storage option. Confirm the log destination settings to ensure proper collection and retention of the logs.

10. 5.

    Test Log Collection: Generate some test traffic to the load balancer and verify if the logs are being collected and stored correctly in the designated log destination. Analyze the logs to ensure they contain the required information and are useful for future analysis and monitoring.

Relevant Codes:

aws elbv2 modify-load-balancer-attributes --load-balancer-arn <load_balancer_arn> --attributes Key=access_logs.s3.enabled,Value=true

<load_balancer_arn>

Remediation Steps:

2. 1.

   Log in to the AWS Management Console.

4. 2.

   Navigate to the EC2 Dashboard.

6. 3.

   In the navigation pane, under the Load Balancing section, select "Load Balancers."

8. 4.

   Identify the ELB application or classic load balancer for which you want to enable logging and click on its name to access its configuration.

10. 5.

    In the "Attributes" tab of the load balancer configuration, search for the "Access logs" attribute.

12. 6.

    Check if the "Access logs" attribute is enabled. If it is already enabled, logging is already configured, and you can proceed to the verification steps. If not enabled, proceed to the next step.

14. 7.

    Click on the "Edit" button next to the "Access logs" attribute.

16. 8.

    In the "Configure Access Logs" dialog box, select the option to enable access logs.

18. 9.

    Specify the destination where you want the logs to be stored. This can be an S3 bucket, CloudWatch Logs, or any other preferred storage option.

20. 10.

    Configure the required settings such as log format, log prefix, and other options according to your requirements.

22. 11.

    Click on the "Save" button to save the changes and enable logging for the load balancer.

24. 12.

    Verify Log Collection: Generate some test traffic to the load balancer and check if the logs are being collected and stored correctly in the designated log destination. Analyze the logs to ensure they contain the required information and are useful for future analysis and monitoring.