turbot/ibm_compliance

Control: 3.1 Ensure auditing is configured in the IBM Cloud account

Description

Collect audit events from IBM Cloud resources so that you can monitor activity in your IBM Cloud account.

Remediation

From Console

  1. Log in to IBM Cloud
  2. Go to the Menu icon. Then, select Observability to access the Observability dashboard.
  3. Select Activity Tracker from the page navigation menu
  4. Check that you can see an Activity Tracker instance in Frankfurt and one instance for each location where you operate in the IBM Cloud.
  5. To launch the LogDNA web UI, for each instance, select View LogDNA.
  6. In the LogDNA web UI, verify that you can see audit events, and that they comply with the IBM event format that is documented. For more information about the format, see Event fields.

Usage

Run the control in your terminal:

powerpipe control run ibm_compliance.control.cis_v100_3_1

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run ibm_compliance.control.cis_v100_3_1 --share

SQL

This control uses a named query:

manual_control

Tags