Check: SRG-APP-000374-CTR-000865
Container Platform SRG:
SRG-APP-000374-CTR-000865
(in versions v1 r5 through v1 r1)
Title
All audit records must use UTC or GMT time stamps. (Cat II impact)
Discussion
The container platform and its components must generate audit records using either Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT) time stamps or local time that offset from UTC. All the components must use the same standard so that the events can be tied together to understand what took place within the overall container platform. Time stamps generated by the container platform and its components must include date and time.
Check Content
Review the container platform documentation and configuration files to determine if time stamps for log records can be mapped to UTC or GMT or local time that offsets from UTC. If the time stamp cannot be mapped to UTC or GMT, this is a finding.
Fix Text
Configure the container platform to use UTC or GMT or local time that offset from UTC based time stamps for log records.
Additional Identifiers
Rule ID: SV-233181r879747_rule
Vulnerability ID: V-233181
Group Title: SRG-APP-000374
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001890 |
The information system records time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). |
Controls
Number | Title |
---|---|
AU-8 |
Time Stamps |