All audit records must identify the source of the event within the container platform.
An XCCDF Rule
Description
<VulnDiscussion>Audit data is important when there are issues, to include security incidents that must be investigated. Since the audit data may be part of a larger audit system, it is important for the audit data to also include the container platform name for traceability back to the container platform itself and not just the container platform components.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-233045r879566_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Configure the container platform registry, keystore, and runtime to generate the source of each loggable event. Revise all applicable system documentation.