4.1.1.1 Ensure audit log storage size is configured

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

It is important that an appropriate size is determined for log files so that they do not impact the system and audit data is not lost.

Solution

Set the following parameter in /etc/audit/auditd.conf in accordance with site policy: max_log_file = <MB>

See Also

https://workbench.cisecurity.org/files/1859

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-4, CSCv6|6.3

Plugin: Unix

Control ID: d68b07054ed6fd6d4680c35d89917d6bb5835156be3f636edf5688b29f97e4b1