The operating system must allocate audit record storage capacity.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-29111	SRG-OS-000044	SV-37105r1_rule		Medium

Description
Operating system auditing capability is critical for accurate forensic analysis. Audit record content that may be necessary to satisfy the requirement of this control includes, time stamps, source and destination addresses, user/process identifiers, event descriptions, success/fail indications, file names involved, and access control or flow control rules invoked. It is imperative the operating system configured, allocate storage capacity to contain audit records.

Description

Operating system auditing capability is critical for accurate forensic analysis. Audit record content that may be necessary to satisfy the requirement of this control includes, time stamps, source and destination addresses, user/process identifiers, event descriptions, success/fail indications, file names involved, and access control or flow control rules invoked. It is imperative the operating system configured, allocate storage capacity to contain audit records.

STIG	Date
Operating System Security Requirements Guide	2013-03-28

Details

Check Text ( None )
None

Fix Text (None)
None