The container platform must use internal system clocks to generate audit record time stamps.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-233055 | SRG-APP-000116 | SRG-APP-000116-CTR-000235 | SV-233055r960927_rule | 2024-12-05 | 2 |
| Description |
|---|
| Understanding when and sequence of events for an incident is crucial to understand what may have taken place. Without a common clock, the components generating audit events could be out of synchronization and would then present a picture of the event that is warped and corrupted. To give a clear picture, it is important that the container platform and its components use a common internal clock. |
| ℹ️ Check |
|---|
| Review the container platform configuration files to determine if the internal system clock is used for time stamps. If the container platform does not use the internal system clock to generate time stamps, this is a finding. |
| ✔️ Fix |
|---|
| Configure the container platform to use internal system clocks to generate time stamps for log records. |