Detections
Analytics

800-53|SI-7(8)

Title

AUDITING CAPABILITY FOR SIGNIFICANT EVENTS

Description

The information system, upon detection of a potential integrity violation, provides the capability to audit the event and initiates the following actions: [Selection (one or more): generates an audit record; alerts current user; alerts [Assignment: organization-defined personnel or roles]; [Assignment: organization-defined other actions]].

Supplemental

Organizations select response actions based on types of software, specific software, or information for which there are potential integrity violations.

Reference Item Details

Related: AU-12,AU-2,AU-6

Category: SYSTEM AND INFORMATION INTEGRITY

Parent Title: SOFTWARE, FIRMWARE, AND INFORMATION INTEGRITY

Family: SYSTEM AND INFORMATION INTEGRITY

Audit Items

View all Reference Audit Items

NamePluginAudit Name
DKER-EE-001080 - The audit log configuration level must be set to request in the Universal Control Plane (UCP) component of Docker Enterprise.UnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2
DKER-EE-001090 - The host operating systems auditing policies for the Docker Engine - Enterprise component of Docker Enterprise must be set - docker pathsUnixDISA STIG Docker Enterprise 2.x Linux/Unix v2r2
DKER-EE-001090 - The host operating systems auditing policies for the Docker Engine - Enterprise component of Docker Enterprise must be set - docker servicesUnixDISA STIG Docker Enterprise 2.x Linux/Unix v2r2
DKER-EE-003610 - Only trusted, signed images must be on Universal Control Plane (UCP) in Docker Enterprise.UnixDISA STIG Docker Enterprise 2.x Linux/Unix v2r2
DKER-EE-004260 - Only trusted, signed images must be stored in Docker Trusted Registry (DTR) in Docker Enterprise.UnixDISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2
DKER-EE-004370 - Docker Content Trust enforcement must be enabled in Universal Control Plane (UCP).UnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2