UCF STIG Viewer Logo



Number Title Impact Priority Subject Area
AU-3 Content Of Audit Records LOW P1 Audit And Accountability

The information system generates audit records containing information that establishes what type of event occurred, when the event occurred, where the event occurred, the source of the event, the outcome of the event, and the identity of any individuals or subjects associated with the event.
Audit record content that may be necessary to satisfy the requirement of this control, includes, for example, time stamps, source and destination addresses, user/process identifiers, event descriptions, success/fail indications, filenames involved, and access control or flow control rules invoked. Event outcomes can include indicators of event success or failure and event-specific results (e.g., the security state of the information system after the event occurred).

AU-3 (1) Additional Audit Information MODERATE
Detailed information that organizations may consider in audit records includes, for example, full text recording of privileged commands or the individual identities of group account users. Organizations consider limiting the additional audit information to only that information explicitly needed for specific audit requirements. This facilitates the use of audit trails and audit logs by not including information that could potentially be misleading or could make it more difficult to locate information of interest.

The information system generates audit records containing the following additional information: Assignment: organization-defined additional, more detailed information.

AU-3 (2) Centralized Management Of Planned Audit Record Content HIGH
This control enhancement requires that the content to be captured in audit records be configured from a central location (necessitating automation). Organizations coordinate the selection of required audit content to support the centralized management and configuration capability provided by the information system.

The information system provides centralized management and configuration of the content to be captured in audit records generated by Assignment: organization-defined information system components.