I have a question about Cloud Workload Protection for Storage. I'm using CWP for Storage with AWS.
I'd like to know the specification of audit logs.
When I loged on the CWP Console, audit logs are displayed on the console. For example, there are message on the console 'User xxxx logged on.'
However, the message is not saved in CloudWatch.
How long is the audit log save? Is it 90days?
And, is there a way to save the audit logs in CloudWatch?
Have you checked out these TNs around pushing logs to CloudWatch?
Thank you for your answer.
I read these articles.
I understood that SCWP has 3 type logs (Scan logs, Violation logs, Statistic logs).
And these logs include data about policy violations, actions, health status, and statistics, but these logs don't include data about 'logged on' and 'logged off'.
So, I think audit log is not saved in CloudWatch. And the audit log saved only 90 days.