The container runtime must generate audit records for all container execution, shutdown, restart events, and program initiations.

An XCCDF Rule

Details
Profiles
Prose

Description

<VulnDiscussion>The container runtime must generate audit records that are specific to the security and mission needs of the organization. Without audit record, it would be difficult to establish, correlate, and investigate events relating to an incident.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-233270r961845_rule
Severity: Medium
References: CCI-000172
Updated: 17 days ago

Configure the container runtime to generate audit records for container execution, shutdown, and restart events.

The container runtime must generate audit records for all container execution, shutdown, restart events, and program initiations.

Description

Remediation - Manual Procedure