UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Local logging must be enabled.


Overview

Finding ID Version Rule ID IA Controls Severity
V-25270 OSX00150 M6 SV-38522r1_rule ECAR-1 ECAR-2 ECAR-3 Medium
Description
Logging is essential for tracking system events, in the event of unauthorized access, logs may contain information about how and when the access occurred. Ensure logging is enabled and log files are properly rotated. The default configuration in /etc/newsyslog.conf is used to configure local logging in the /var/log folder. The computer is set to rotate log files using the periodic launchd job according to time intervals specified in the /etc/newsyslog.conf file.
STIG Date
MAC OSX 10.6 Workstation Security Technical Implementation Guide Draft 2013-01-10

Details

Check Text ( C-37735r1_chk )
Open a terminal session and enter the following command.

more /etc/newsyslog.conf

If the count values are not set to "14", this is a finding.

Fix Text (F-32979r1_fix)
Open a terminal session and edit the following file and set the count value(s) to "14".

/etc/newsyslog.conf