UCF STIG Viewer Logo

The node that runs Prisma Cloud Compute containers must have sufficient disk space to allocate audit record storage capacity in accordance with organization-defined audit record storage requirements.


Finding ID Version Rule ID IA Controls Severity
V-253542 CNTR-PC-001030 SV-253542r840464_rule Medium
To ensure sufficient storage capacity in which to write the audit logs, Prisma Cloud compute must be able to allocate audit record storage capacity.
Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide 2022-08-24


Check Text ( C-56994r840462_chk )
When deploying Prisma Cloud Compute within a Kubernetes cluster, the Console's persistent value is by default 100GB.

The logs are stored within this persistent volume. Within the Kubernetes cluster, issue the command "kubectl get pv".

If the twistlock/twistlock-console claim's capacity is not 100GB or greater, this is a finding.
Fix Text (F-56945r840463_fix)
When deploying the Prisma Cloud Console, specify the size of the persistent volume with the "—persistent-volume-storage" parameter.