The container platform must initiate session auditing upon startup.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-233041 | SRG-APP-000092-CTR-000165 | SV-233041r601871_rule | Medium |
| Description |
|---|
| When the container platform is started, container platform components and user services can also be started. It is important that the container platform begin auditing on startup in order to handle container platform startup events along with events for container platform components and services that begin on startup. |
| STIG | Date |
|---|---|
| Container Platform Security Requirements Guide | 2021-12-14 |
Details
| Check Text ( C-35977r601870_chk ) |
|---|
| Review the container platform configuration for session audits. Ensure audit policy for session logging at startup is enabled. Verify events are written to the log. Validate system documentation is current. If the container platform is not configured to meet this requirement, this is a finding. |
| Fix Text (F-35945r600611_fix) |
|---|
| Configure the container platform to generate audit logs for session logging at startup. Revise all applicable system documentation. |