Security Logging Events
- Robert Heinemann
ID | Type | Description | Reference |
|---|---|---|---|
CON-LOG-REQ-1 | REQUIRED | The container and container application MUST log successful and unsuccessful authentication attempts, e.g., authentication associated with a transaction, authentication to create a session, authentication to assume elevated privilege. | |
CON-LOG-REQ-2 | The container and container application MUST log logoffs. | ||
CON-LOG-REQ-3 | The container and container application MUST log starting and stopping of security logging. | ||
CON-LOG-REQ-4 | The container and container application MUST log success and unsuccessful creation, removal, or change to the inherent privilege level of users. | ||
CON-LOG-REQ-5 | The container and container application MUST log connections to the network listeners of the container. | ||
CON-LOG-REQ-6 | The container and container application MUST log the addition, deletion or modification of files in the container. | ||
CON-LOG-REQ-MP05 | The container MUST log lifecycle events | ||
CON-LOG-REQ-MP06 | Log anonymous requests | ||
CON-LOG-REQ-MP07 | Container administration services activities and executed commands MUST be logged. (e.g., Build requests, Runtime commands) (Available in docker Daemon Logs) | ||
CON-LOG-REQ-MP08 | The container MUST log API calls (such as: syscalls, those that deploy containers, Discovery API). (Available in docker daemon log). | ||
CON-LOG-REQ-MP09 | The container MUST log creation of scheduled jobs in containers. ( Available at the K8S level) | ||
CON-LOG-REQ-MP10 | Image registry events MUST be logged (e.g., additions) | ||