Workload misconfigurations

Ensure the logging level is set to ‘info’ (Automated)

Risk Level

Informational (4)

Platform(s)

  • N/A

Compliance Frameworks

Description

Setting up an appropriate log level, configures the Docker daemon to log events that you would want to review later. A base log level of info and above would capture all logs except debug logs. Until and unless required, you should not run Docker daemon at debug log level.

  • Recommended Mitigation

    Ensure that the Docker daemon configuration file has the following configuration included: 'log-level: ""info""'. Alternatively, run the Docker daemon as follows: 'dockerd --log-level=""info""

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.