I currently run an OpenDistro 1.11.0 stack.
I need to fulfill the PCI-DSS requirement:
11.5 “Use file-integrity monitoring or change detection software on logs to ensure that existing log data cannot be changed without generating alerts (although new data being added should not cause an alert)”
What is the best way to implement this? How can we use alerts and audit to monitor that no logs are “Modified”?