STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

All audit records must identify what type of event has occurred within the container platform.

DISA Rule

SV-233042r599529_rule

Vulnerability Number

V-233042

Group Title

SRG-APP-000095

Rule Version

SRG-APP-000095-CTR-000170

Severity

CAT II

CCI(s)

• CCI-000130 - The information system generates audit records containing information that establishes what type of event occurred.

Weight

10

Fix Recommendation

Configure the container platform to include the event type in the log data. Revise all applicable system documentation.

Check Contents

Review the container platform configuration for audit event types. Ensure audit policy for event type is enabled.

Verify records showing what type of event occurred are written to the log.

Validate system documentation is current.

If log data does not show the type of event, this is a finding.

Vulnerability Number

V-233042

Documentable

False

Rule Version

SRG-APP-000095-CTR-000170

Severity Override Guidance

Review the container platform configuration for audit event types. Ensure audit policy for event type is enabled.

Verify records showing what type of event occurred are written to the log.

Validate system documentation is current.

If log data does not show the type of event, this is a finding.

Check Content Reference

M

Target Key

5239

Comments