CCI|CCI-000140

Title

Take organization-defined actions upon audit failure include, shutting down the system, overwriting oldest audit records, and stopping the generation of audit records.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.6 IBMW-LS-000230UnixCIS IBM WebSphere Liberty Server STIG v1.0.0 CAT II
1.12 MADB-10-001700UnixCIS MariaDB Enterprise 10.x STIG v1.1.0 CAT II Unix
1.13 MADB-10-001800MySQLDBCIS MariaDB Enterprise 10.x STIG v1.1.0 CAT II MySQLDB
1.31 SOL-11.1-010420UnixCIS Solaris 11 SPARC STIG v1.0.0 CAT II
1.31 SOL-11.1-010420UnixCIS Solaris 11 X86 STIG v1.0.0 CAT II
1.35 APPL-14-001010UnixCIS Apple macOS 14 Sonoma STIG v1.0.0 CAT II
1.49 APPL-14-001031UnixCIS Apple macOS 14 Sonoma STIG v1.0.0 CAT II
1.123 UBTU-22-653030UnixCIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.147 SLES-15-030590UnixCIS SUSE Linux Enterprise Server 15 STIG v1.0.0 CAT II
1.155 OL09-00-000820UnixCIS Oracle Linux 9 STIG v1.0.0 CAT II
1.209 OL08-00-030040UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.210 OL08-00-030060UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.369 RHEL-09-653020UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.370 RHEL-09-653025UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.376 RHEL-09-653055UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.418 ALMA-09-054030UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT II
1.419 ALMA-09-054140UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT II
1.420 ALMA-09-054250UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT II
1.421 ALMA-09-054360UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT II
1.422 ALMA-09-054470UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT II
1.423 ALMA-09-054580UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT II
1.443 RHEL-09-654265UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
ALMA-09-054030 - AlmaLinux OS 9 audit system must take appropriate action when an error writing to the audit storage volume occurs.UnixDISA Cloud Linux AlmaLinux OS 9 STIG v1r6
ALMA-09-054140 - AlmaLinux OS 9 audit system must take appropriate action when the audit storage volume is full.UnixDISA Cloud Linux AlmaLinux OS 9 STIG v1r6
ALMA-09-054250 - AlmaLinux OS 9 must take appropriate action when a critical audit processing failure occurs.UnixDISA Cloud Linux AlmaLinux OS 9 STIG v1r6
ALMA-09-054360 - AlmaLinux OS 9 audit system must make full use of the audit storage space.UnixDISA Cloud Linux AlmaLinux OS 9 STIG v1r6
ALMA-09-054470 - AlmaLinux OS 9 audit system must take appropriate action when the audit files have reached maximum size.UnixDISA Cloud Linux AlmaLinux OS 9 STIG v1r6
ALMA-09-054580 - AlmaLinux OS 9 audit system must retain an optimal number of audit records.UnixDISA Cloud Linux AlmaLinux OS 9 STIG v1r6
AOSX-13-001355 - The macOS system must shut down by default upon audit failure (unless availability is an overriding concern).UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-001010 - The macOS system must shut down by default upon audit failure (unless availability is an overriding concern).UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-001010 - The macOS system must shut down by default upon audit failure (unless availability is an overriding concern).UnixDISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-001010 - The macOS system must shut down by default upon audit failure (unless availability is an overriding concern).UnixDISA STIG Apple macOS 11 v1r5
APPL-11-001010 - The macOS system must shut down by default upon audit failure (unless availability is an overriding concern).UnixDISA STIG Apple macOS 11 v1r8
APPL-12-001010 - The macOS system must shut down by default upon audit failure (unless availability is an overriding concern).UnixDISA STIG Apple macOS 12 v1r9
APPL-13-001010 - The macOS system must shut down by default upon audit failure (unless availability is an overriding concern).UnixDISA STIG Apple macOS 13 v1r5
APPL-14-001010 - The macOS system must configure system to shut down upon audit failure.UnixDISA Apple macOS 14 Sonoma STIG v2r4
APPL-14-001031 - The macOS system must configure audit failure notification.UnixDISA Apple macOS 14 Sonoma STIG v2r4
APPL-15-001010 - The macOS system must be configured to shut down upon audit failure.UnixDISA Apple macOS 15 Sequoia STIG v1r7
APPL-15-001031 - The macOS system must configure audit failure notification.UnixDISA Apple macOS 15 Sequoia STIG v1r7
Big Sur - Configure System to Shut Down Upon Audit FailureUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Configure System to Shut Down Upon Audit FailureUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Configure System to Shut Down Upon Audit FailureUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Configure System to Shut Down Upon Audit FailureUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Configure System to Shut Down Upon Audit FailureUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Configure System to Shut Down Upon Audit FailureUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Configure System to Shut Down Upon Audit FailureUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Configure System to Shut Down Upon Audit FailureUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Configure System to Shut Down Upon Audit FailureUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
CASA-FW-000090 - The Cisco ASA must be configured to queue log records locally in the event that the central audit server is down or not reachable - Buffer EnabledCiscoDISA STIG Cisco ASA FW v2r1
CASA-FW-000090 - The Cisco ASA must be configured to queue log records locally in the event that the central audit server is down or not reachable - QueueCiscoDISA STIG Cisco ASA FW v2r1