How to resolve Sprinto check for enabling server access logs on AWS S3
About:
Sprinto check: AWS S3 server access logging should be enabled for important buckets
The above-mentioned Sprinto check verifies that server access logging is enabled for your Amazon S3 buckets. Server access logs provide detailed records of requests made to a bucket, including the requester, the request time, the request action, and the response status.
Purpose: The purpose of this check is to ensure that you have visibility into access patterns and activities related to your S3 buckets. By enabling server access logging, you can capture and analyze log entries that can be valuable for security monitoring, access auditing, and troubleshooting purposes. These logs can help you detect and investigate potential security incidents or unauthorized access attempts, as well as monitor resource usage and performance.
How to fix this check:
Follow the below steps to resolve this check:
Before you begin
Ensure you have administrative privileges to manage Amazon S3 bucket configurations.
Enabling Server Access Logging Note: The above Sprinto checks pass even if any one of the S3 buckets has a configured server access login.
Log in to AWS Console using your credentials.
Navigate to the Amazon S3 service.
Select the S3 bucket from the list for which you wish to enable logs.
Select the Properties tab and scroll down to the Server access logging section.
Ensure the Server access logging is Enabled. If it is Disabled, click Edit and enable it.
Select a Destination S3 bucket and Log object key format.
Click Save Changes to apply the changes.
Repeat the above steps and enable Server access logging on every critical S3 bucket.
Sprinto will detect the configuration change and set the check status to "Passing."
Please contact Sprinto support if you have any queries related to Sprinto check or need any assistance.