Prisma Cloud Compute must not write sensitive data to event logs.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-253541 | SRG-APP-000266-CTR-000625 | CNTR-PC-000880 | SV-253541r961167_rule | 2026-02-13 | 2 |
Description
The determination of what is sensitive data varies from organization to organization. The organization must ensure the recipients for the event log information have a need to know and the log is sanitized based on the audience.
ℹ️ Check
Navigate to Prisma Cloud Compute Console's >> Manage >> System >> General tab.
Inspect the Log Scrubbing section. If "Automatically scrub secrets from runtime events" is "off", this is a finding.
✔️ Fix
Navigate to Prisma Cloud Compute Console's >> Manage >> System >> General tab.
In the Log Scrubbing section, set "Automatically scrub secrets from runtime events" to "on" and click "Save".