The operating system must immediately notify the SA and ISSO (at a minimum) when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-203702 | SRG-OS-000343-GPOS-00134 | SV-203702r379696_rule | Medium |
| Description |
|---|
| If security personnel are not notified immediately when storage volume reaches 75% utilization, they are unable to plan for audit record storage capacity expansion. |
| STIG | Date |
|---|---|
| General Purpose Operating System Security Requirements Guide | 2022-06-06 |
Details
| Check Text ( C-3827r375053_chk ) |
|---|
| Verify the operating system immediately notifies the SA and ISSO (at a minimum) when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity. If it does not, this is a finding. |
| Fix Text (F-3827r375054_fix) |
|---|
| Configure the operating system to immediately notify the SA and ISSO (at a minimum) when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity. |