Best practices

K8S API server configuration audit-log-maxbackup is less than 10 files

Risk Level

Informational (4)

Platform(s)
  • N/A

Compliance Frameworks

Description

Kubernetes automatically rotates the log files. Retaining old log files ensures that you would have sufficient log data available for carrying out any investigation or correlation. Orca has detected that the '--audit-log-maxbackup' parameter is set to less then 10, which could lead to lost logs in case a log analysis is required.
  • Recommended Mitigation

    It is recommended to set the 'audit-log-maxbackup' parameter in the configuration file to at least 10 files.