Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Ubuntu 22.04 LTS must have a crontab script running weekly to offload audit events of standalone systems.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-260587 | UBTU-22-651035 | SV-260587r953574_rule | Low |
| Description |
|---|
| Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Offloading is a common process in information systems with limited audit storage capacity. |
| STIG | Date |
|---|---|
| Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide | 2024-03-21 |
Details
| Check Text ( C-64316r953572_chk ) |
|---|
| Verify there is a script that offloads audit data and that script runs weekly by using the following command: Note: If the system is not connected to a network, this requirement is not applicable. $ ls /etc/cron.weekly Check if the script inside the file does offloading of audit logs to external media. If the script file does not exist or does not offload audit logs, this is a finding. |
| Fix Text (F-64224r953573_fix) |
|---|
| Create a script that offloads audit logs to external media and runs weekly. The script must be located in the "/etc/cron.weekly" directory. |