The network device must provide a warning when the logging storage capacity reaches an organizationally defined percentage of maximum allocated audit record storage capacity.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000084-NDM-000058 | SRG-NET-000084-NDM-000058 | SRG-NET-000084-NDM-000058_rule | Low |
| Description |
|---|
| The central audit server configuration must include an allocation of space sufficient for the network device audit trail log. The audit server must generate an alert when the capacity reaches an organizationally defined threshold. Without this notification, the system administrators may be unaware of an impending failure of the audit capability and system operation may be adversely affected. |
| STIG | Date |
|---|---|
| Network Device Management Security Requirements Guide | 2013-07-30 |
Details
| Check Text ( C-SRG-NET-000084-NDM-000058_chk ) |
|---|
| Verify the network device issues a warning when the organizationally defined percentage of maximum allocated audit record storage capacity is reached. If the network device does not issue a warning when the defined percentage of maximum allocated audit storage capacity is reached, this is a finding. |
| Fix Text (F-SRG-NET-000084-NDM-000058_fix) |
|---|
| Configure the network device to issue a warning when the organizationally defined percentage of maximum allocated audit record storage capacity is reached. |