SOL-11.1-010410 - The operating system must configure auditing to reduce the likelihood of storage capacity being exceeded.

Information

Overflowing the audit storage area can result in a denial of service or system outage.

Solution

The Audit Control profile is required.

This action applies to the global zone only. Determine the zone that you are currently securing.

# zonename

If the command output is 'global', this action applies.

Set the size of a binary audit file to a specific size. The size is specified in megabytes.

# pfexec auditconfig -setplugin audit_binfile p_fsize=4M

Restart the audit system.

# pfexec audit -s

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SOL_11_SPARC_V2R6_STIG.zip

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-4, CAT|I, CCI|CCI-001849, Rule-ID|SV-219968r603267_rule, STIG-ID|SOL-11.1-010410, STIG-Legacy|SV-62545, STIG-Legacy|V-49621, Vuln-ID|V-219968

Plugin: Unix

Control ID: 7ecf3acd2a8eec33dd98e0e94450b945e5be18ae45210d48538d0efe9a034bc8