All audit records must identify what type of event has occurred within the container platform.
An XCCDF Rule
Description
<VulnDiscussion>Within the container platform, audit data can be generated from any of the deployed container platform components. This audit data is important when there are issues, such as security incidents, that must be investigated. To make the audit data worthwhile for the investigation of events, it is necessary to know what type of event occurred.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-233042r960891_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Configure the container platform to include the event type in the log data. Revise all applicable system documentation.