The operating system must alert designated organizational officials in the event of an audit processing failure.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-47845	SOL-11.1-010390	SV-60719r1_rule		High

Description
Proper alerts to system administrators and IA officials of audit failures ensure a timely response to critical system issues.

STIG	Date
Solaris 11 SPARC Security Technical Implementation Guide	2017-04-28

Details

Check Text ( None )
None

Fix Text (F-51463r1_fix)
The root role is required. This action applies to the global zone only. Determine the zone that you are currently securing. # zonename If the command output is "global", this action applies. Add an audit_warn alias to /etc/mail/aliases that will forward to designated system administrator(s). # pfedit /etc/mail/aliases Insert a line in the form: audit_warn:user1,user2 Put the updated aliases file into service. # newaliases

Fix Text (F-51463r1_fix)

The root role is required.

This action applies to the global zone only. Determine the zone that you are currently securing.

# zonename

If the command output is "global", this action applies.

Add an audit_warn alias to /etc/mail/aliases that will forward to designated system administrator(s).

# pfedit /etc/mail/aliases

Insert a line in the form:
audit_warn:user1,user2

Put the updated aliases file into service.
# newaliases