diff --git a/README.md b/README.md
index 0bd66e29..0d789bee 100644
--- a/README.md
+++ b/README.md
@@ -583,7 +583,7 @@ We are adding additional checks to improve the information gather from each acco
 Note: Some of these checks for publicly facing resources may not actually be fully public due to other layered controls like S3 Bucket Policies, Security Groups or Network ACLs.
 
 
-At this moment we have 14 extra checks:
+At this moment we have 15 extra checks:
 
 - 7.1 (`extra71`) Ensure users with AdministratorAccess policy have MFA tokens enabled (Not Scored) (Not part of CIS benchmark)
 - 7.2 (`extra72`) Ensure there are no EBS Snapshots set as Public (Not Scored) (Not part of CIS benchmark)
@@ -599,6 +599,8 @@ At this moment we have 14 extra checks:
 - 7.12 (`extra712`) Check if Amazon Macie is enabled (Not Scored) (Not part of CIS benchmark)
 - 7.13 (`extra713`) Check if GuardDuty is enabled (Not Scored) (Not part of CIS benchmark)
 - 7.14 (`extra714`) Check if CloudFront distributions have logging enabled (Not Scored) (Not part of CIS benchmark)
+- 7.15 (`extra715`) Check if Elasticsearch Service domains have logging enabled (Not Scored) (Not part of CIS benchmark)
+
 
 To check all extras in one command:
 ```
@@ -623,6 +625,7 @@ With this group of checks, Prowler looks if each service with logging or audit c
 - 7.12 Check if Amazon Macie is enabled (Not Scored) (Not part of CIS benchmark)
 - 7.13 Check if GuardDuty is enabled (Not Scored) (Not part of CIS benchmark)
 - 7.14 Check if CloudFront distributions have logging enabled (Not Scored) (Not part of CIS benchmark)
+- 7.15 Check if Elasticsearch Service domains have logging enabled (Not Scored) (Not part of CIS benchmark)
 
 The `forensics-ready` group of checks uses existing and extra checks. To get a forensics readiness report, run this command:
 ```
diff --git a/prowler b/prowler
index 8e530619..141fb6b8 100755
--- a/prowler
+++ b/prowler
@@ -496,6 +496,8 @@ ID713="7.13,7.13"
 TITLE713="Check if GuardDuty is enabled (Not Scored) (Not part of CIS benchmark)"
 ID714="7.14,7.14"
 TITLE714="Check if CloudFront distributions have logging enabled (Not Scored) (Not part of CIS benchmark)"
+ID715="7.15,7.15"
+TITLE715="Check if Elasticsearch Service domains have logging enabled (Not Scored) (Not part of CIS benchmark)"
 
 printCsvHeader() {
 >&2 echo ""
@@ -1912,6 +1914,32 @@ extra714(){
 done
 }
 
+extra715(){
+ # "Check if Elasticsearch Service domains have logging enabled (Not Scored) (Not part of CIS benchmark)"
+ textTitle "$ID715" "$TITLE715" "NOT_SCORED" "EXTRA"
+ for regx in $REGIONS; do
+ LIST_OF_DOMAINS=$($AWSCLI es list-domain-names $PROFILE_OPT --region $regx --query DomainNames --output text)
+ if [[ $LIST_OF_DOMAINS ]]; then
+ for domain in $LIST_OF_DOMAINS;do
+ SEARCH_SLOWLOG_ENABLED=$($AWSCLI es describe-elasticsearch-domain-config --domain-name $domain $PROFILE_OPT --region $regx --query DomainConfig.LogPublishingOptions.Options.SEARCH_SLOW_LOGS.Enabled --output text |grep -v ^None|grep -v ^False)
+ if [[ $SEARCH_SLOWLOG_ENABLED ]];then
+ textOK "$regx: ElasticSearch Service domain $domain SEARCH_SLOW_LOGS enabled" "$regx"
+ else
+ textWarn "$regx: ElasticSearch Service domain $domain SEARCH_SLOW_LOGS disabled!" "$regx"
+ fi
+ INDEX_SLOWLOG_ENABLED=$($AWSCLI es describe-elasticsearch-domain-config --domain-name $domain $PROFILE_OPT --region $regx --query DomainConfig.LogPublishingOptions.Options.INDEX_SLOW_LOGS.Enabled --output text |grep -v ^None|grep -v ^False)
+ if [[ $INDEX_SLOWLOG_ENABLED ]];then
+ textOK "$regx: ElasticSearch Service domain $domain INDEX_SLOW_LOGS enabled" "$regx"
+ else
+ textWarn "$regx: ElasticSearch Service domain $domain INDEX_SLOW_LOGS disabled!" "$regx"
+ fi
+ done
+ else
+ textOK "$regx: No Elasticsearch Service domain found" "$regx"
+ fi
+ done
+}
+
 callCheck(){
 if [[ $CHECKNUMBER ]];then
 case "$CHECKNUMBER" in
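Review bot: extra715 tests only SEARCH_SLOW_LOGS and INDEX_SLOW_LOGS, so a domain that publishes no error log at all is still reported OK once both slow logs are on, and since the later callCheck hunk adds extra715 to the forensics-ready group that is the wrong signal: slow logs hold only requests above a latency threshold, whereas the application (error) log stream is what an investigation needs. Add a third block for the ES_APPLICATION_LOGS option following the same pattern as the two existing ones (sketched below), and consider one describe-elasticsearch-domain-config call per domain instead of one per option to cut the API calls per region. Separately, a failed describe call (denied or throttled) yields empty output after the two greps and is then printed as `... disabled!` rather than as an error; if that behaviour is kept, say so in a comment such as `# empty output also covers a failed CLI call, not only Enabled=False`. The function starts and ends inside this hunk.
```shell
 for domain in $LIST_OF_DOMAINS;do
 # … unchanged: SEARCH_SLOW_LOGS and INDEX_SLOW_LOGS blocks …
 # application (error) logs are the stream relevant to forensics-ready; slow logs only record requests above a latency threshold
 APP_LOG_ENABLED=$($AWSCLI es describe-elasticsearch-domain-config --domain-name $domain $PROFILE_OPT --region $regx --query DomainConfig.LogPublishingOptions.Options.ES_APPLICATION_LOGS.Enabled --output text |grep -v ^None|grep -v ^False)
 if [[ $APP_LOG_ENABLED ]];then
 textOK "$regx: ElasticSearch Service domain $domain ES_APPLICATION_LOGS enabled" "$regx"
 else
 textWarn "$regx: ElasticSearch Service domain $domain ES_APPLICATION_LOGS disabled!" "$regx"
 fi
 done
```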
@@ -1981,6 +2009,7 @@ callCheck(){
 extra712|extra712 ) extra712;;
 extra713|extra713 ) extra713;;
 extra714|extra714 ) extra714;;
+ extra715|extra715 ) extra715;;
 
 ## Groups of Checks
 check1 )
@@ -2017,12 +2046,12 @@ callCheck(){
 ;;
 extras )
 extra71;extra72;extra73;extra74;extra75;extra76;extra77;extra78;
- extra79;extra710;extra711;extra712;extra713;extra714
+ extra79;extra710;extra711;extra712;extra713;extra714;extra715
 ;;
 forensics-ready )
 check21;check22;check23;check24;check25;check26;check27;
 check43;
- extra712;extra713;extra714
+ extra712;extra713;extra714;extra715
 ;;
 * )
 textWarn "ERROR! Use a valid check name (i.e. check41 or extra71)\n";
@@ -2106,7 +2135,8 @@ if [[ $PRINTCHECKSONLY == "1" ]]; then
 textTitle "$ID711" "$TITLE711" "NOT_SCORED" "EXTRA"
 textTitle "$ID712" "$TITLE712" "NOT_SCORED" "EXTRA"
 textTitle "$ID713" "$TITLE713" "NOT_SCORED" "EXTRA"
- textTitle "$ID714" "$TITLE713" "NOT_SCORED" "EXTRA"
+ textTitle "$ID714" "$TITLE714" "NOT_SCORED" "EXTRA"
+ textTitle "$ID715" "$TITLE715" "NOT_SCORED" "EXTRA"
 exit $EXITCODE
 fi
 
@@ -2197,6 +2227,7 @@ extra711
 extra712
 extra713
 extra714
+extra715
 
 cleanTemp
 exit $EXITCODE