The container platform must initiate session auditing upon startup.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-233041 | SRG-APP-000092 | SRG-APP-000092-CTR-000165 | SV-233041r960888_rule | 2024-12-05 | 2 |
| Description |
|---|
| When the container platform is started, container platform components and user services can also be started. It is important that the container platform begin auditing on startup in order to handle container platform startup events along with events for container platform components and services that begin on startup. |
| ℹ️ Check |
|---|
| Review the container platform configuration for session audits. Ensure audit policy for session logging at startup is enabled. Verify events are written to the log. Validate system documentation is current. If the container platform is not configured to meet this requirement, this is a finding. |
| ✔️ Fix |
|---|
| Configure the container platform to generate audit logs for session logging at startup. Revise all applicable system documentation. |