The Tanium operating system (TanOS) must provide an immediate warning to the SA and ISSO (at a minimum) when allocated audit record storage volume reaches 75 percent of repository maximum audit record storage capacity.


Overview

Finding ID: V-254863
Version: TANS-OS-001035
Rule ID: SV-254863r866130_rule
IA Controls: (none listed)
Severity: Medium
Description
If security personnel are not notified immediately when storage volume reaches 75 percent, they are unable to plan for audit record storage capacity expansion.
STIG Date
Tanium 7.x Operating System on TanOS Security Technical Implementation Guide 2022-10-31

Details

Check Text (C-58476r866128_chk)
1. Access the TanOS interactively.

2. Press "A" for "Appliance Configuration Menu," and then press "Enter".

3. Press "5" for "SNMP Configuration," and then press "Enter".

If the State is "Disabled" this is a finding.

If the State is "Enabled", work with the SNMP monitoring system administrator to ensure warnings are sent when TanOS storage reaches 75 percent of capacity. If they are not being sent, this is a finding.
Fix Text (F-58420r866129_fix)
1. Access the TanOS interactively.

2. Press "A" for "Appliance Configuration Menu," and then press "Enter".

3. Press "5" for "SNMP Configuration," and then press "Enter".

4. Press "S" for "Set Password and Start the SNMP Service," and then press "Enter".

5. Enter the desired SNMP password and press "Enter".

6. Press "Enter" to continue and return to the SNMP configuration menu and verify the state is now "Enabled".

Work with the SNMP monitoring system administrator to enable warning alerts for low free space.
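
The monitoring-side check that the last step refers to can look like the sketch below. It is an added example, not part of the STIG or of Tanium's tooling. It assumes the monitoring system polls the standard HOST-RESOURCES-MIB hrStorageTable and that the TanOS SNMP agent exposes it; the walk output and mount names are constructed sample data.

```python
import re

WARN_PERCENT = 75  # threshold stated in the STIG rule

# Constructed sample of snmpwalk output for hrStorageTable (not captured from
# TanOS); which mount holds audit records on a given appliance is an assumption.
SAMPLE_WALK = """\
HOST-RESOURCES-MIB::hrStorageDescr.31 = STRING: /
HOST-RESOURCES-MIB::hrStorageDescr.36 = STRING: /var/log
HOST-RESOURCES-MIB::hrStorageDescr.40 = STRING: /opt
HOST-RESOURCES-MIB::hrStorageSize.31 = INTEGER: 2000000
HOST-RESOURCES-MIB::hrStorageSize.36 = INTEGER: 1000000
HOST-RESOURCES-MIB::hrStorageSize.40 = INTEGER: 0
HOST-RESOURCES-MIB::hrStorageUsed.31 = INTEGER: 500000
HOST-RESOURCES-MIB::hrStorageUsed.36 = INTEGER: 750000
HOST-RESOURCES-MIB::hrStorageUsed.40 = INTEGER: 0
"""

LINE_RE = re.compile(
    r"hrStorage(Descr|Size|Used)\.(\d+)\s*=\s*(?:STRING|INTEGER):\s*(.*)$")

def parse_storage(walk_text):
    """Group hrStorage columns by table index -> {index: {Descr, Size, Used}}."""
    rows = {}
    for line in walk_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            column, index, value = m.groups()
            value = value.strip().strip('"')
            rows.setdefault(int(index), {})[column] = (
                value if column == "Descr" else int(value))
    return rows

def storage_warnings(walk_text, threshold=WARN_PERCENT):
    """Return [(description, percent_used)] for entries at or above threshold."""
    alerts = []
    for index, row in sorted(parse_storage(walk_text).items()):
        size, used = row.get("Size"), row.get("Used")
        if not size or used is None:   # skip incomplete rows and zero-size entries
            continue
        percent = used * 100 / size    # allocation units cancel out in the ratio
        if percent >= threshold:
            alerts.append((row.get("Descr", f"index {index}"), round(percent, 1)))
    return alerts

if __name__ == "__main__":
    for descr, pct in storage_warnings(SAMPLE_WALK):
        print(f"WARNING: {descr} at {pct}% (threshold {WARN_PERCENT}%)")
```

The comparison is `>=` so that an entry sitting exactly at 75 percent raises the warning, matching the rule's "reaches 75 percent" wording.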