Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-219968 | SOL-11.1-010410 | SV-219968r603267_rule | High |
Description |
---|
Overflowing the audit storage area can result in a denial of service or system outage. |
STIG | Date |
---|---|
Solaris 11 SPARC Security Technical Implementation Guide | 2021-05-28 |
Check Text ( C-21678r370913_chk ) |
---|
The Audit Configuration profile is required. This check applies to the global zone only. Determine the zone that you are currently securing. # zonename If the command output is "global", this check applies. Check the status of the audit system. It must be auditing. # pfexec auditconfig -getplugin If the output of this command does not contain: p_fsize=4M this is a finding. |
Fix Text (F-21677r370914_fix) |
---|
The Audit Control profile is required. This action applies to the global zone only. Determine the zone that you are currently securing. # zonename If the command output is "global", this action applies. Set the size of a binary audit file to a specific size. The size is specified in megabytes. # pfexec auditconfig -setplugin audit_binfile p_fsize=4M Restart the audit system. # pfexec audit -s |