[DataSync.1] DataSync tasks should have logging enabled

Security Hub controls for DataSync

These Security Hub controls evaluate the AWS DataSync service and resources.

These controls may not be available in all AWS Regions. For more information, see Availability of controls by Region.

[DataSync.1] DataSync tasks should have logging enabled

Category: Identify > Logging

Severity: Medium

Resource type: AWS::DataSync::Task

AWS Config rule: datasync-task-logging-enabled

Schedule type: Change triggered

Parameters: None

This control checks whether an AWS DataSync task has logging enabled. The control fails if the task doesn't have logging enabled.

Audit logs track and monitor system activities. They provide a record of events that can help you detect security breaches, investigate incidents, and comply with regulations. Audit logs also enhance the overall accountability and transparency of your organization.

Remediation

To configure logging for DataSync tasks, see Configuring logging for your DataSync transfer task in the AWS DataSync User Guide

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Amazon Data Firehose controls

Amazon Detective controls