UCF STIG Viewer Logo

The operating system must produce audit records containing sufficient information to establish where the events occurred.


Overview

Finding ID Version Rule ID IA Controls Severity
V-29106 SRG-OS-000039 SV-37099r1_rule Medium
Description
Operating system auditing capability is critical for accurate forensic analysis. Audit record content that may be necessary to satisfy the requirement of this control includes, time stamps, source and destination addresses, user/process identifiers, event descriptions, success/fail indications, file names involved, and access control or flow control rules invoked. Without sufficient information establishing where the audit events occurred, investigation into the cause of events is severely hindered.
STIG Date
Operating System Security Requirements Guide 2013-03-28

Details

Check Text ( None )
None
Fix Text (None)
None