All audit records must generate the event results within the container platform.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-233046 | SRG-APP-000099-CTR-000190 | SV-233046r960903_rule | CCI-000134 | medium |
| Description | ||||
| Within the container platform, audit data can be generated from any of the deployed container platform components. This audit data is important when there are issues, such as security incidents, that must be investigated. To make the audit data worthwhile for the investigation of events, it is necessary to know the outcome of the event. | ||||
| STIG | Date | |||
| Container Platform Security Requirements Guide | 2025-05-15 | |||
Related Frameworks
4 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
AU-3
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.3.1
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.3.2
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000134
1.00
- DISA · 2 · disa_xccdf · related
Details
Check Text (C-233046r960903_chk)
Review the container platform configuration to determine if audit records contain the audit event results.
Generate audit records and review the data to validate that the record does contain the event result.
If the container platform is not configured to generate audit records with the event result or the audit record does not contain the event result, this is a finding.
Fix Text (F-35950r600626_fix)
Configure the container platform to generate audit records that contain the event result.