[opensearch] Implement audit log retention requirements #551

Open
artherd42 opened this issue Dec 12, 2024 · 0 comments
Labels: enhancement (New feature or request), logs (Opensearch, Logshipper, Data Prepper, and more observability)

artherd42 commented Dec 12, 2024

Priority

(Medium) I'm annoyed but I'll live

Is your feature request related to a problem?

PCI DSS requirements require audit logs to be retained for a minimum of one year. Ninety days of PCI audit logs should also be available for immediate analysis.

Additional context.

  • Keep the audit logs separate from other logs (own index).
  • Set retention time for audit log indices to minimum 90 days.
  • Ensure data redundancy in the cluster (primary and replica shards).
  • Backup / Restore audit logs outside the cluster.

Acceptance Criteria

  • tbd

artherd42 added the logs (Opensearch, Logshipper, Data Prepper, and more observability) label Dec 12, 2024
artherd42 added the enhancement (New feature or request) label Dec 12, 2024
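
An added example, not part of the issue or the project's code: a check that an OpenSearch Index State Management (ISM) policy covers the four points listed under "Additional context". The policy itself, the `audit-*` index pattern and the `audit-backup` snapshot repository are constructed assumptions; `ism_template` is assumed to be in object form, and `check_policy` follows only the first transition of each state.

```python
import re

# Constructed ISM policy; the index pattern and repository names are assumptions.
AUDIT_POLICY = {"policy": {
    "default_state": "hot",
    "ism_template": {"index_patterns": ["audit-*"], "priority": 100},
    "states": [
        {"name": "hot",
         "actions": [{"replica_count": {"number_of_replicas": 1}}],
         "transitions": [{"state_name": "archive", "conditions": {"min_index_age": "90d"}}]},
        {"name": "archive",
         "actions": [{"snapshot": {"repository": "audit-backup", "snapshot": "audit-logs"}}],
         "transitions": [{"state_name": "delete"}]},
        {"name": "delete", "actions": [{"delete": {}}], "transitions": []},
    ]}}

def age_days(value):
    """Convert an ISM age such as '90d' or '2160h' to whole days."""
    m = re.fullmatch(r"(\d+)([dh])", value)
    if not m:
        raise ValueError(f"unsupported age: {value!r}")
    return int(m.group(1)) if m.group(2) == "d" else int(m.group(1)) // 24

def check_policy(doc, min_days=90):
    """Walk the first transition of each state; return findings (empty = pass)."""
    policy = doc["policy"]
    states = {s["name"]: s for s in policy["states"]}
    findings, age, replicas, snapshotted, seen = [], 0, 0, False, set()
    patterns = policy.get("ism_template", {}).get("index_patterns", [])
    if not patterns or "*" in patterns:
        findings.append("audit logs do not have their own index pattern")
    name = policy["default_state"]
    while name in states and name not in seen:
        seen.add(name)
        for action in states[name].get("actions", []):
            if "replica_count" in action:
                replicas = action["replica_count"]["number_of_replicas"]
            snapshotted = snapshotted or "snapshot" in action
            if "delete" in action and age < min_days:
                findings.append(f"index deleted at {age}d, before {min_days}d")
            if "delete" in action and not snapshotted:
                findings.append("index deleted without a prior snapshot")
        nxt = (states[name].get("transitions") or [None])[0]
        if nxt:
            age = max(age, age_days(nxt.get("conditions", {}).get("min_index_age", "0d")))
        name = nxt["state_name"] if nxt else None
    if replicas < 1:
        findings.append("no replica shards configured by the policy")
    return findings
```

The check covers only what the policy does inside the cluster; how long snapshots are kept in the repository (the one-year minimum) has to be enforced on the repository side.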