UCF STIG Viewer Logo

Audit records must include when (date and time) the events occurred.


Overview

Finding ID Version Rule ID IA Controls Severity
V-216019 SOL-11.1-010150 SV-216019r603268_rule Medium
Description
Without accurate time stamps malicious activity cannot be accurately tracked.
STIG Date
Solaris 11 X86 Security Technical Implementation Guide 2021-11-23

Details

Check Text ( C-17257r372439_chk )
The Audit Configuration profile is required.

This check applies to the global zone only. Determine the zone that you are currently securing.

# zonename

If the command output is "global", this check applies.

Check the status of the audit system. It must be auditing.

# pfexec auditconfig -getcond

If this command does not report:

audit condition = auditing

this is a finding.
Fix Text (F-17255r372440_fix)
The Audit Control profile is required.

This action applies to the global zone only. Determine the zone that you are currently securing.

# zonename

If the command output is "global", this action applies.

If auditing has been disabled, it must be enabled with the following command:

# pfexec audit -s