UCF STIG Viewer Logo

Audit records must include the outcome (success or failure) of the events that occurred.


Overview

Finding ID Version Rule ID IA Controls Severity
V-216022 SOL-11.1-010180 SV-216022r603268_rule Medium
Description
Tracking both the successful and unsuccessful attempts aids in identifying threats to the system.
STIG Date
Solaris 11 X86 Security Technical Implementation Guide 2021-11-23

Details

Check Text ( C-17260r372448_chk )
The Audit Configuration profile is required.

This check applies to the global zone only. Determine the zone that you are currently securing.

# zonename

If the command output is "global", this check applies.

Check the status of the audit system. It must be auditing.

# pfexec auditconfig -getcond

If this command does not report:

audit condition = auditing

this is a finding.
Fix Text (F-17258r372449_fix)
The Audit Control profile is required.

This action applies to the global zone only. Determine the zone that you are currently securing.

# zonename

If the command output is "global", this action applies.

If auditing has been disabled, it must be enabled with the following command:

# pfexec audit -s