TF 0275 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate

Property Value
Language terraform
Severity low

Description

The Kubernetes API server is missing the --audit-log-maxsize argument, which means audit logs are not automatically rotated when they reach a certain size. Without this limit, audit log files can grow indefinitely.

Impact

Unrestricted audit log growth can consume excessive disk space on the control plane node, potentially leading to denial of service, degraded cluster performance, or loss of important log data if the disk becomes full.

Resolution

Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the Control Plane node and set the --audit-log-maxsize parameter to an appropriate size in MB, for example 100.
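One way to verify the resolution, as an added example that is not part of the wiki or of the rule's own code: the hypothetical function audit_maxsize_status reads a kube-apiserver manifest and reports whether --audit-log-maxsize is missing, malformed, or set. The three manifest fragments are constructed samples, and treating anything other than a positive integer as invalid is an assumption of this example.

```shell
# Added example (not from the wiki): classify --audit-log-maxsize in a
# kube-apiserver static pod manifest as missing, invalid:<v> or ok:<v>.
audit_maxsize_status() {
    # Strip quotes, then keep only uncommented list items carrying the flag.
    flags=$(tr -d "\"'" < "$1" |
        grep -E '^[[:space:]]*-[[:space:]]+--audit-log-maxsize(=|[[:space:]]|$)' || true)
    if [ -z "$flags" ]; then
        echo "missing"; return 1
    fi
    # If the flag is repeated, judge the last occurrence (assumption: last one wins).
    value=$(printf '%s\n' "$flags" | tail -n 1 |
        sed -e 's/^[^=]*=\{0,1\}//' -e 's/[[:space:]].*$//')
    case $value in
        ''|*[!0-9]*) echo "invalid:$value"; return 1 ;;
    esac
    # Assumption of this example: only a positive number of MB passes.
    if [ "$value" -le 0 ]; then
        echo "invalid:$value"; return 1
    fi
    echo "ok:$value"
}

# Constructed sample manifests (fragments), written to a scratch directory.
SAMPLES=$(mktemp -d)
cat > "$SAMPLES/missing.yaml" <<'EOF'
spec:
  containers:
  - command:
    - kube-apiserver
    # - --audit-log-maxsize=100
EOF
cat > "$SAMPLES/invalid.yaml" <<'EOF'
spec:
  containers:
  - command:
    - kube-apiserver
    - --audit-log-maxsize=100MB
EOF
cat > "$SAMPLES/ok.yaml" <<'EOF'
spec:
  containers:
  - command:
    - kube-apiserver
    - "--audit-log-maxsize=100"
EOF
for f in missing invalid ok; do
    printf '%s: %s\n' "$f" "$(audit_maxsize_status "$SAMPLES/$f.yaml")"
done
```

On a control plane node, pass /etc/kubernetes/manifests/kube-apiserver.yaml as the argument; the function returns non-zero unless the flag is set to a positive integer.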