Best practices

K8S API server configuration audit-log-maxage is less than 30 days

Risk Level

Informational (4)

Platform(s)
  • N/A

Compliance Frameworks

Description

Retaining logs for at least 30 days ensures that you can go back in time and investigate or correlate any events. Set your audit log retention period to 30 days or as per your business requirements. Orca has detected that the '--audit-log-maxage' parameter is set to less than 30 days, which could lead to lost logs in case a log analysis is required.
  • Recommended Mitigation

    It is recommended to set the '--audit-log-path' parameter in the configuration file to at least 30 days.