UCF STIG Viewer Logo

The system must log authentication informational data.


Overview

Finding ID Version Rule ID IA Controls Severity
V-227810 GEN003660 SV-227810r603266_rule Medium
Description
Monitoring and recording successful and unsuccessful logins assists in tracking unauthorized access to the system.
STIG Date
Solaris 10 X86 Security Technical Implementation Guide 2020-12-04

Details

Check Text ( C-29972r489787_chk )
Check /etc/syslog.conf and verify the auth facility is logging both the notice and info level messages by using one of the procedures below.

# grep "auth.notice" /etc/syslog.conf
# grep "auth.info" /etc/syslog.conf
OR
# grep 'auth.*' /etc/syslog.conf

If auth.* is not found, and either auth.notice or auth.info is not found, this is a finding.
Fix Text (F-29960r489788_fix)
Edit /etc/syslog.conf and add local log destinations for auth.* or both auth.notice and auth.info.