UCF STIG Viewer Logo

Cron logging must be implemented.


Overview

Finding ID Version Rule ID IA Controls Severity
V-982 GEN003160 SV-38549r1_rule ECAR-2 ECAR-1 ECAR-3 Medium
Description
Cron logging can be used to trace the successful or unsuccessful execution of cron jobs. It can also be used to spot intrusions into the use of the cron facility by unauthorized and malicious users.
STIG Date
HP-UX 11.23 Security Technical Implementation Guide 2015-12-02

Details

Check Text ( C-36455r1_chk )
# ls -lL /var/adm/cron/log

If this file does not exist, or has a timestamp older than the last cron job, this is a finding.
Fix Text (F-31794r1_fix)
Enable cron/logging on the system via:

# /sbin/init.d/cron stop
# mv
# /sbin/init.d/cron start
# more /var/adm/cron/log

Cron automatically handles its own logging function and (at least) the Start Time should be visible at the beginning of the new log file /var/adm/cron/log.