Dear community,
Effective security incident response depends on adequate logging. If you have the proper logs and can query them, you can respond more rapidly and effectively to security events. If a security event occurs, you can use various log sources to validate what happened and understand the scope. Then, you can use the results of your analysis to take remediation actions.
Is there any document that outlines the minimum log requirements, that all services within an AWS account must send to the Security Operation Center?
Regards,
------------------------------
Panagiotis Chavariotis
------------------------------