Capacity
CIP-007-3 R5
1
Rule
Severity: Medium
Ensure that Audit Log Forwarding Is Enabled
1
Rule
Severity: Medium
Configure An Identity Provider
1
Rule
Severity: Medium
Do Not Use htpasswd-based IdP
1
Rule
Severity: Medium
Ensure that the kubeadmin secret has been removed
25
Rule
Severity: Medium
Set Account Expiration Following Inactivity
29
Rule
Severity: Medium
Record Events that Modify User/Group Information
13
Rule
Severity: Medium
Set existing passwords a period of inactivity before they been locked
32
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands
11
Rule
Severity: Medium
Record Events that Modify User/Group Information via open syscall - /etc/group
11
Rule
Severity: Medium
Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/group
11
Rule
Severity: Medium
Record Events that Modify User/Group Information via openat syscall - /etc/group
11
Rule
Severity: Medium
Record Events that Modify User/Group Information via open syscall - /etc/gshadow
11
Rule
Severity: Medium
Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/gshadow
11
Rule
Severity: Medium
Record Events that Modify User/Group Information via openat syscall - /etc/gshadow
11
Rule
Severity: Medium
Record Events that Modify User/Group Information via open syscall - /etc/passwd
11
Rule
Severity: Medium
Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/passwd
11
Rule
Severity: Medium
Record Events that Modify User/Group Information via openat syscall - /etc/passwd
11
Rule
Severity: Medium
Record Events that Modify User/Group Information via open syscall - /etc/shadow
11
Rule
Severity: Medium
Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/shadow
11
Rule
Severity: Medium
Record Events that Modify User/Group Information via openat syscall - /etc/shadow
25
Rule
Severity: Medium
Record Events that Modify User/Group Information - /etc/group
24
Rule
Severity: Medium
Record Events that Modify User/Group Information - /etc/gshadow
25
Rule
Severity: Medium
Record Events that Modify User/Group Information - /etc/security/opasswd
25
Rule
Severity: Medium
Record Events that Modify User/Group Information - /etc/passwd
30
Rule
Severity: Unknown
Enable rsyslog to Accept Messages via TCP, if Acting As Log Server
25
Rule
Severity: Medium
Record Events that Modify User/Group Information - /etc/shadow
30
Rule
Severity: Unknown
Enable rsyslog to Accept Messages via UDP, if Acting As Log Server
17
Rule
Severity: Medium
Record Any Attempts to Run semanage
20
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - chage
20
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - chsh
20
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - gpasswd
13
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - newgidmap
20
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - newgrp
13
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - newuidmap
20
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - passwd
20
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - unix_chkpwd
12
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands - usernetctl
1
Rule
Severity: Medium
Ensure that the cluster's audit profile is properly set
1
Rule
Severity: Medium
Ensure that API server audit logging is enabled
Patternfly
PatternFly elements
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Modules