ElasticSearch Without Slow Logs

• Query id: e979fcbc-df6c-422d-9458-c33d65e71c45
• Query name: ElasticSearch Without Slow Logs
• Platform: Terraform
• Severity: Medium
• Category: Observability
• URL: Github

Description

Ensure that AWS Elasticsearch enables support for slow logs
Documentation

Code samples

Code samples with security vulnerabilities

Postitive test num. 1 - tf file

resource "aws_elasticsearch_domain" "positive1" {
  log_publishing_options {
    cloudwatch_log_group_arn = aws_cloudwatch_log_group.example.arn
    log_type                 = "ES_APPLICATION_LOGS"
    enabled                  = true
  }
}

Code samples without security vulnerabilities

Negative test num. 1 - tf file

resource "aws_elasticsearch_domain" "negative1" {

  log_publishing_options {
    cloudwatch_log_group_arn = aws_cloudwatch_log_group.example.arn
    log_type                 = "INDEX_SLOW_LOGS"
    enabled                  = true //for default its true
  }
}