The HP-UX AUDOMON_ARGS flag must be set to: -p 20, -t 1, -w 90.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-4290 | GEN000000-HPUX0040 | SV-38429r1_rule | ECAR-1 ECAR-2 ECAR-3 | Medium |
| Description |
|---|
| The minimal set of auditing requirements necessary to collect useful forensics data and provide user help when violations are detected must be configured. |
| STIG | Date |
|---|---|
| HP-UX 11.31 Security Technical Implementation Guide | 2013-03-28 |
Details
| Check Text ( C-36226r1_chk ) |
|---|
| Determine if the following flags are set for auditing: # more /etc/rc.config.d/auditing The AUDOMON_ARGS flag should be the last line in the file. Examine the arguments and compare them to -p 20, -t 1, -w 90. If any of these differ, this is a finding. |
| Fix Text (F-31485r1_fix) |
|---|
| Set the AUDOMON_ARGS flag to -p 20, -t 1, -w 90 and restart auditing. |