Rule: ELB Application and Classic Load Balancer Logging Enabled

Ensure ELB application and classic load balancer logging is enabled for system operations.

Rule: ELB application and classic load balancer logging should be enabled
Framework: SOC 2
Severity: High

Rule Description

ELB (Elastic Load Balancer) application and classic load balancer logging should be enabled for SOC 2 compliance. Logging is an essential requirement for monitoring, detecting, and investigating security incidents, as well as ensuring compliance with regulatory standards such as SOC 2.

Load balancer logging provides valuable information about incoming requests, client IPs, response codes, SSL handshake failures, and other important metrics. This data helps in identifying potential security threats, troubleshooting issues, and analyzing application performance.

Enabling load balancer logging ensures that the necessary logs are recorded and retained for a specific period, allowing proper auditing and analysis.

Troubleshooting Steps (if applicable)

Issue: Logging not enabled for ELB load balancer

  1. Verify that the load balancer is active and in use.
  2. Check if the load balancer is application or classic type.
  3. Confirm that the necessary permissions are available to enable logging.

Issue: Logging not recording expected information

  1. Check the logging configuration settings.
  2. Verify that the required log fields are configured to be captured.
  3. Ensure that the log files are being delivered to the desired destination (e.g., Amazon S3).

Necessary Codes (if applicable)

No specific code is required to enable ELB load balancer logging. The configuration is done through the AWS Management Console or the AWS CLI.

Step-by-Step Guide for Enabling ELB Load Balancer Logging

Note: The following guide assumes you have administrative access to the AWS Management Console and basic familiarity with the AWS services involved.

  1. Open the AWS Management Console and navigate to the EC2 service.
  2. In the navigation pane, click on "Load Balancers" under the "LOAD BALANCING" section.
  3. Identify the ELB load balancer for which logging needs to be enabled.
  4. Select the load balancer by clicking its checkbox.
  5. Click on the "Actions" button and choose "Edit attributes."
  6. In the "General configuration" section, find the "Access logs" option.
  7. Select the option to enable access logs.
  8. Choose an S3 bucket to store the logs. If needed, create a new bucket or select an existing one.
  9. Optionally, specify a prefix for the log file names.
  10. Set the desired interval for log file rotation.
  11. Click on "Save" to apply the changes.
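
To confirm that the steps above took effect, the access-log setting can be read back from the AWS API. The following is an added example, not Cloud Defense's own code: the function names and the bucket name "example-elb-logs" are hypothetical, the sample responses are constructed, and the attribute keys are the ones the ELB APIs return.

```python
# Added example: evaluate ELB access-log settings from AWS API responses.

def _verdict(enabled, bucket):
    """Return (compliant, reason) for one load balancer."""
    if not enabled:
        return (False, "access logging disabled")
    if not bucket:
        return (False, "logging enabled but no S3 bucket configured")
    return (True, f"logging to s3://{bucket}")

def check_alb(attributes):
    """attributes: 'Attributes' list from elbv2 describe_load_balancer_attributes."""
    attrs = {a["Key"]: a["Value"] for a in attributes}
    enabled = attrs.get("access_logs.s3.enabled", "false").lower() == "true"
    return _verdict(enabled, attrs.get("access_logs.s3.bucket", ""))

def check_classic(lb_attributes):
    """lb_attributes: 'LoadBalancerAttributes' from elb describe_load_balancer_attributes."""
    log = lb_attributes.get("AccessLog", {})
    return _verdict(bool(log.get("Enabled")), log.get("S3BucketName", ""))

def audit_region(region):
    """Live check of every application and classic load balancer in a region."""
    import boto3  # needs boto3 and AWS credentials; the checks above do not
    results = {}
    v2 = boto3.client("elbv2", region_name=region)
    for page in v2.get_paginator("describe_load_balancers").paginate():
        for lb in page["LoadBalancers"]:
            if lb["Type"] != "application":
                continue  # network and gateway load balancers are out of scope here
            resp = v2.describe_load_balancer_attributes(LoadBalancerArn=lb["LoadBalancerArn"])
            results[lb["LoadBalancerArn"]] = check_alb(resp["Attributes"])
    v1 = boto3.client("elb", region_name=region)
    for page in v1.get_paginator("describe_load_balancers").paginate():
        for lb in page["LoadBalancerDescriptions"]:
            name = lb["LoadBalancerName"]
            resp = v1.describe_load_balancer_attributes(LoadBalancerName=name)
            results[name] = check_classic(resp["LoadBalancerAttributes"])
    return results

# Constructed sample responses (bucket name is a placeholder).
SAMPLE_ALB = [
    {"Key": "access_logs.s3.enabled", "Value": "true"},
    {"Key": "access_logs.s3.bucket", "Value": "example-elb-logs"},
]
SAMPLE_CLASSIC = {"AccessLog": {"Enabled": False}}

if __name__ == "__main__":
    print(check_alb(SAMPLE_ALB), check_classic(SAMPLE_CLASSIC))
```

Any load balancer that audit_region() reports with a False result still needs the console steps above.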

Conclusion

Enabling ELB application and classic load balancer logging is crucial for SOC 2 compliance. By following the step-by-step guide provided, you can ensure that logs are captured consistently, allowing efficient monitoring, troubleshooting, and compliance auditing. Regularly review the generated logs in the specified S3 bucket to identify any potential security issues and maintain the required log retention period.
