STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform components must provide the ability to send audit logs to a central enterprise repository for review and analysis.

DISA Rule

SV-233052r599547_rule

Vulnerability Number

V-233052

Group Title

SRG-APP-000111

Rule Version

SRG-APP-000111-CTR-000220

Severity

CAT II

CCI(s)

• CCI-000154 - The information system provides the capability to centrally review and analyze audit records from multiple components within the system.

Weight

10

Fix Recommendation

Configure the container platform components to send audit logs to a central managed audit log repository.

Check Contents

Review the configuration settings to determine if the container platform components are configured to send audit events to central managed audit log repository.

If the container platform is not configured to send audit events to central managed audit log repository, this is a finding.

Vulnerability Number

V-233052

Documentable

False

Rule Version

SRG-APP-000111-CTR-000220

Severity Override Guidance

Review the configuration settings to determine if the container platform components are configured to send audit events to central managed audit log repository.

If the container platform is not configured to send audit events to central managed audit log repository, this is a finding.

Check Content Reference

M

Target Key

5239

Comments