Flow logs are the source of truth for all network activity in your cloud environment. To enable analysis in security event that was detected late, you need to have the logs available.
Setting an retention policy will help ensure as much information is available for review.
Not enabling retention or having short expiry on flow logs could lead to compromise being undetected limiting time for analysis
Follow the appropriate remediation steps below to resolve the issue.
Ensure flow log retention is turned on with an expiry of >90 days
|
|