Ensure the notification is enabled for file integrity operator

An XCCDF Rule

Description

The OpenShift platform provides the File Integrity Operator to monitor for unwanted file changes. This control ensures that the proper notification alert is enabled so that system administrators and security personnel are notified about the alerts.

Warning

This rule's check operates on the cluster configuration dump. Therefore, you need to use a tool that can query the OCP API and retrieve the following:
  • The /apis/monitoring.coreos.com/v1/prometheusrules API endpoint; filter it with the jq utility using the filter [.items[] | select(.metadata.name =="file-integrity") | .metadata.name] and persist the result to the local /apis/monitoring.coreos.com/v1/prometheusrules#dda8d6e19f5a89264301ce56ece4df115a14d8a85e3ae6bd3cd8eccd234252c5 file.
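The retrieval and filter step above, as an added example that is not part of the rule's own content. The function names, the sample dumps and the "non-empty result means the rule is present" interpretation are assumptions made for illustration; the jq filter is the one quoted in the warning.

```shell
#!/usr/bin/env bash
# Added example: applies the rule's jq filter to a PrometheusRuleList dump.

# The filter exactly as quoted in the rule text.
FILTER='[.items[] | select(.metadata.name =="file-integrity") | .metadata.name]'

# On a live cluster the dump comes from the API endpoint named in the rule, e.g.:
#   oc get --raw /apis/monitoring.coreos.com/v1/prometheusrules > prometheusrules.json
# The filtered result is what gets persisted to the local file named in the rule.

# Read a PrometheusRuleList on stdin and print the filtered names as compact JSON.
filter_rules() {
    jq -c "$FILTER"
}

# Assumption: the check is satisfied when the filtered array is non-empty.
# Returns 0 when a PrometheusRule named "file-integrity" exists, non-zero otherwise.
notification_enabled() {
    filter_rules | jq -e 'length > 0' >/dev/null
}

# Constructed sample dump (not from a real cluster) that contains the rule.
sample_with_rule() {
    cat <<'EOF'
{"kind":"PrometheusRuleList","items":[
  {"metadata":{"name":"example-rules","namespace":"example-namespace"}},
  {"metadata":{"name":"file-integrity","namespace":"openshift-file-integrity"}}]}
EOF
}

# Constructed sample dump where the File Integrity Operator alert rule is absent.
sample_without_rule() {
    cat <<'EOF'
{"kind":"PrometheusRuleList","items":[
  {"metadata":{"name":"example-rules","namespace":"example-namespace"}}]}
EOF
}

# Stand-alone run over both constructed dumps (requires jq on PATH).
if command -v jq >/dev/null 2>&1; then
    for sample in sample_with_rule sample_without_rule; do
        if "$sample" | notification_enabled; then
            echo "$sample: PASS $("$sample" | filter_rules)"
        else
            echo "$sample: FAIL $("$sample" | filter_rules)"
        fi
    done
fi
```

An empty array from the filter means no PrometheusRule named file-integrity exists in any namespace, so no alert from the operator would reach the monitoring stack.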

Rationale

The File Integrity Operator is able to send out alerts.

ID
xccdf_org.ssgproject.content_rule_file_integrity_notification_enabled
Severity
Medium