3.2.2 Ensure that the audit policy covers key security concerns - openshift-kube-apiserver


Ensure that the audit policy created for the cluster covers key security concerns.


Security audit logs should cover access and modification of key resources in the cluster, to enable them to form an effective part of a security environment.


Increasing audit logging will consume resources on the nodes or other log destinations.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.


Update the audit log policy profile to use WriteRequestBodies.

Default Value:

Audit logging is configured by default using the Default audit policy, but you are advised to review the log retention settings and log levels to align with your cluster's security posture.

See Also