| DISA_STIG_Solaris_11_SPARC_v2r6.audit from DISA Solaris 11 SPARC v2r6 STIG | |
| SOL-11.1-010040 - The audit system must produce records containing sufficient information to establish the identity of any user/subject associated with the event. | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010060 - The audit system must support an audit reduction capability. | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010070 - The audit system records must be able to be used by a report generation capability. | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010080 - The operating system must provide the capability to automatically process audit records for events of interest based upon selectable, event criteria. | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010100 - The audit records must provide data for all auditable events defined at the organizational level for the organization-defined information system components. | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010120 - The operating system must generate audit records for the selected list of auditable events as defined in DoD list of events. | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010130 - The operating system must support the capability to compile audit records from multiple components within the system into a system-wide (logical or physical) audit trail that is time-correlated to within organization-defined level of tolerance. | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010140 - Audit records must include what type of events occurred. | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010150 - Audit records must include when (date and time) the events occurred. | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010160 - Audit records must include where the events occurred. | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010170 - Audit records must include the sources of the events that occurred. | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010180 - Audit records must include the outcome (success or failure) of the events that occurred. | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010220 - The audit system must be configured to audit file deletions - getpolicy | CONFIGURATION MANAGEMENT |
| SOL-11.1-010220 - The audit system must be configured to audit file deletions. | CONFIGURATION MANAGEMENT |
| SOL-11.1-010230 - The audit system must be configured to audit account creation - getpolicy | ACCESS CONTROL |
| SOL-11.1-010230 - The audit system must be configured to audit account creation. | ACCESS CONTROL |
| SOL-11.1-010250 - The audit system must be configured to audit account modification - getpolicy | ACCESS CONTROL |
| SOL-11.1-010250 - The audit system must be configured to audit account modification. | ACCESS CONTROL |
| SOL-11.1-010260 - The operating system must automatically audit account disabling actions - getpolicy | ACCESS CONTROL |
| SOL-11.1-010260 - The operating system must automatically audit account disabling actions. | ACCESS CONTROL |
| SOL-11.1-010270 - The operating system must automatically audit account termination - getpolicy | ACCESS CONTROL |
| SOL-11.1-010270 - The operating system must automatically audit account termination. | ACCESS CONTROL |
| SOL-11.1-010290 - The operating system must ensure unauthorized, security-relevant configuration changes detected are tracked - getpolicy | CONFIGURATION MANAGEMENT |
| SOL-11.1-010290 - The operating system must ensure unauthorized, security-relevant configuration changes detected are tracked. | CONFIGURATION MANAGEMENT |
| SOL-11.1-010300 - The audit system must be configured to audit all administrative, privileged, and security actions - getpolicy | CONFIGURATION MANAGEMENT |
| SOL-11.1-010300 - The audit system must be configured to audit all administrative, privileged, and security actions. | CONFIGURATION MANAGEMENT |
| SOL-11.1-010310 - The audit system must be configured to audit login, logout, and session initiation - getflags | ACCESS CONTROL |
| SOL-11.1-010310 - The audit system must be configured to audit login, logout, and session initiation - getnaflags lo | ACCESS CONTROL |
| SOL-11.1-010310 - The audit system must be configured to audit login, logout, and session initiation - getnaflags na | ACCESS CONTROL |
| SOL-11.1-010310 - The audit system must be configured to audit login, logout, and session initiation - getpolicy | ACCESS CONTROL |
| SOL-11.1-010320 - The audit system must be configured to audit all discretionary access control permission modifications - getpolicy | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010320 - The audit system must be configured to audit all discretionary access control permission modifications. | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010330 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - getpolicy | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010330 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules. | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010340 - The audit system must be configured to audit failed attempts to access files and programs - getflags ex | CONFIGURATION MANAGEMENT |
| SOL-11.1-010340 - The audit system must be configured to audit failed attempts to access files and programs - getflags fa | CONFIGURATION MANAGEMENT |
| SOL-11.1-010340 - The audit system must be configured to audit failed attempts to access files and programs - getflags ps | CONFIGURATION MANAGEMENT |
| SOL-11.1-010340 - The audit system must be configured to audit failed attempts to access files and programs - getpolicy | CONFIGURATION MANAGEMENT |
| SOL-11.1-010350 - The operating system must protect against an individual falsely denying having performed a particular action. In order to do so the system must be configured to send audit records to a remote audit server - '.conf' | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010350 - The operating system must protect against an individual falsely denying having performed a particular action. In order to do so the system must be configured to send audit records to a remote audit server - 'getplugin' | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010360 - The auditing system must not define a different auditing level for specific users. | CONFIGURATION MANAGEMENT |
| SOL-11.1-010370 - The audit system must alert the SA when the audit storage volume approaches its capacity. | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010380 - The audit system must alert the System Administrator (SA) if there is any type of audit failure. | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010390 - The operating system must alert designated organizational officials in the event of an audit processing failure. | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010400 - The operating system must allocate audit record storage capacity - 'p_minfree' | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010400 - The operating system must allocate audit record storage capacity - 'zfs compression' | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010400 - The operating system must allocate audit record storage capacity - 'zfs quota' | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010400 - The operating system must allocate audit record storage capacity - 'zfs reservation' | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010410 - The operating system must configure auditing to reduce the likelihood of storage capacity being exceeded. | AUDIT AND ACCOUNTABILITY |
