
Control: 1.18 Enable audit logging for IBM Cloud Identity and Access Management


Use the IBM Cloud Activity Tracker with LogDNA service to monitor certain IAM events.


You must create an instance of the IBM Cloud Activity Tracker with LogDNA service in the Frankfurt region to start tracking IAM events. Choose a plan that offers a minimum of 7-day event search.

From Console

  1. Log in to IBM Cloud.
  2. Go to the Menu icon. Then, select Observability to access the Observability dashboard.
  3. Select Activity Tracker from the page navigation menu.
  4. Click Create instance to create an instance of IBM Cloud Activity Tracker with LogDNA.
  5. In the Select a region drop-down, choose Frankfurt.
  6. Select a pricing plan, service name, resource group, and provide optional tags. Choose a plan that offers a minimum of 7-day event search.
  7. Click Create.

By default, audit logging with Activity Tracker with LogDNA is not enabled.
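The two conditions set out above (an instance in Frankfurt, on a plan with at least 7-day event search) can be evaluated against an exported listing of Activity Tracker instances. The Python below is an added example, not part of the benchmark or of the Powerpipe mod. The field names (region_id, resource_plan_id, state), the region identifier eu-de for Frankfurt, and the plan-id mapping are assumptions, and the sample listing is constructed.

```python
import json

FRANKFURT = "eu-de"   # assumed region identifier for Frankfurt
MIN_SEARCH_DAYS = 7   # minimum event search required by the control

# Constructed placeholder mapping of plan id -> event-search days.
# Replace with the plan ids that appear in your own account.
PLAN_SEARCH_DAYS = {"plan-lite": 0, "plan-7-day": 7, "plan-30-day": 30}

# Constructed sample listing (not real account data).
SAMPLE_LISTING = json.dumps([
    {"name": "at-dallas", "region_id": "us-south",
     "resource_plan_id": "plan-30-day", "state": "active"},
    {"name": "at-fra-lite", "region_id": "eu-de",
     "resource_plan_id": "plan-lite", "state": "active"},
    {"name": "at-fra-old", "region_id": "eu-de",
     "resource_plan_id": "plan-7-day", "state": "removed"},
])

def evaluate_instance(inst, plan_days=PLAN_SEARCH_DAYS):
    """Return the reasons this instance does not satisfy the control."""
    reasons = []
    if inst.get("region_id") != FRANKFURT:
        reasons.append("not in Frankfurt")
    if inst.get("state") != "active":
        reasons.append("not active")
    days = plan_days.get(inst.get("resource_plan_id"))
    if days is None:
        reasons.append("unknown plan")
    elif days < MIN_SEARCH_DAYS:
        reasons.append(f"event search is {days} days, below {MIN_SEARCH_DAYS}")
    return reasons

def check_control(listing_json, plan_days=PLAN_SEARCH_DAYS):
    """Return (status, detail); 'ok' if any instance passes, else 'alarm'."""
    instances = json.loads(listing_json)
    detail = {i.get("name", "?"): evaluate_instance(i, plan_days)
              for i in instances}
    # An empty listing yields 'alarm': logging is not enabled by default.
    status = "ok" if any(not r for r in detail.values()) else "alarm"
    return status, detail

if __name__ == "__main__":
    status, detail = check_control(SAMPLE_LISTING)
    print(status)
    for name, reasons in detail.items():
        print(f"  {name}: {'compliant' if not reasons else '; '.join(reasons)}")
```
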


Run the control in your terminal:

powerpipe control run ibm_compliance.control.cis_v100_1_18

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run ibm_compliance.control.cis_v100_1_18 --share


This control uses a named query:

guid as resource,
'info' as status,
'Manual verification required.' as reason,
