turbot/oci_compliance

Control: 3.1 Ensure audit log retention period is set to 365 days

Description

Ensuring audit logs are kept for 365 days.

Remediation

From Console

  1. Go to the Tenancy Details page.
  2. Click Edit Audit Retention Policy.
  3. Set the AUDIT RETENTION PERIOD to 365.
  4. Click Submit.

From Command Line

  1. Update the retention-period-days to 365
oci audit config update --retention-period-days 365 --compartment-id <compartment OCID>

Usage

Run the control in your terminal:

powerpipe control run oci_compliance.control.cis_v120_3_1

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run oci_compliance.control.cis_v120_3_1 --share

SQL

This control uses a named query:

identity_tenancy_audit_log_retention_period_365_days

Tags