Skip to content

All audit records must identify the source of the event within the container platform.

An XCCDF Rule

Description

<VulnDiscussion>Audit data is important when there are issues, to include security incidents that must be investigated. Since the audit data may be part of a larger audit system, it is important for the audit data to also include the container platform name for traceability back to the container platform itself and not just the container platform components.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-233045r879566_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Configure the container platform registry, keystore, and runtime to generate the source of each loggable event. Revise all applicable system documentation.