From 265f494b0dbc340672821c44e6947a004af5a9f5 Mon Sep 17 00:00:00 2001
From: Toni de la Fuente <c054617@yara.com>
Date: Thu, 8 Jul 2021 17:09:22 +0200
Subject: [PATCH] Fixed check21 to fail if trail is off

---
 checks/check21 | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/checks/check21 b/checks/check21
index bf7d2064..0446243e 100644
--- a/checks/check21
+++ b/checks/check21
@@ -48,7 +48,12 @@ check21(){
         if [[ "$MULTIREGION_TRAIL_STATUS" == 'False' ]];then
           textFail "$regx: Trail $trail is not enabled for all regions" "$regx" "$trail"
         else
-          textPass "$regx: Trail $trail is enabled for all regions" "$regx" "$trail"
+          TRAIL_ON_OFF_STATUS=$($AWSCLI cloudtrail get-trail-status $PROFILE_OPT --region $TRAIL_REGION --name $trail --query IsLogging --output text)
+          if [[ "$TRAIL_ON_OFF_STATUS" == 'False'  ]];then
+            textFail "$regx: Trail $trail is configured for all regions but it is OFF" "$regx" "$trail"
+          else
+            textPass "$regx: Trail $trail is enabled for all regions" "$regx" "$trail"
+          fi 
         fi
 
       done