3.2.2 Ensure that the audit policy covers key security concerns - openshift-apiserver

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Ensure that the audit policy created for the cluster covers key security concerns.

Rationale:

Security audit logs should cover access and modification of key resources in the cluster, to enable them to form an effective part of a security environment.

Impact:

Increasing audit logging will consume resources on the nodes or other log destinations.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

In OpenShift 4.6 and higher, if appropriate for your needs, modify the audit policy.

Default Value:

By default, OpenShift 4 logs audit data for the API server. In OpenShift 4.6 and above, the audit policy can be configured.

See Also

https://workbench.cisecurity.org/files/3980