Detections
Analytics

CCI|CCI-001855

Title

Provide a warning to organization-defined personnel, roles, and/or locations within an organization-defined time period when allocated audit log storage volume reaches an organization-defined percentage of repository maximum audit log storage capacity.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.14 O19C-00-005900OracleDBCIS Oracle Database 19c STIG v1.1.0 CAT II OracleDB
1.26 SOL-11.1-010370UnixCIS Solaris 11 SPARC STIG v1.0.0 CAT II
1.26 SOL-11.1-010370UnixCIS Solaris 11 X86 STIG v1.0.0 CAT II
1.45 PHTN-40-000112UnixCIS VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v1.0.0 CAT III
1.46 SQLI-22-011000MS_SQLDBCIS Microsoft SQL Server 2022 Instance STIG v1.0.0 CAT II MS_SQLDB
1.48 APPL-14-001030UnixCIS Apple macOS 14 Sonoma STIG v1.0.0 CAT II
1.78 AZLX-23-002035UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.79 AZLX-23-002040UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.80 AZLX-23-002045UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.81 AZLX-23-002050UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.82 AZLX-23-002055UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.125 UBTU-22-653040UnixCIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT III
1.157 SLES-15-030700UnixCIS SUSE Linux Enterprise Server 15 STIG v1.0.0 CAT II
1.174 RHEL-10-500040UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
1.175 UBTU-24-900960UnixCIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT III
1.177 RHEL-10-500105UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
1.178 RHEL-10-500110UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
1.182 RHEL-10-500205UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
1.183 RHEL-10-500210UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
1.282 OL08-00-030730UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.283 OL08-00-030731UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.372 RHEL-09-653035UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.373 RHEL-09-653040UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.374 RHEL-09-653045UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.375 RHEL-09-653050UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.379 RHEL-09-653070UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
3.092 - The system must generate an audit event when the audit log reaches a percentage of full threshold.WindowsDISA Windows Vista STIG v6r41
4.1.2.4 Ensure system notification is sent out when volume is 75% fullUnixCIS Amazon Linux 2 STIG v2.0.1 STIG
4.1.2.4 Ensure system notification is sent out when volume is 75% full - SA and Information System Security Officer ISSO, at a minimum, when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.2.5 Ensure system is disabled when audit logs are fullUnixCIS Amazon Linux 2 STIG v2.0.1 L2 Server
4.1.2.5 Ensure system is disabled when audit logs are fullUnixCIS Amazon Linux 2 STIG v2.0.1 STIG
4.1.2.5 Ensure system is disabled when audit logs are full - at a minimum via email when the threshold for the repository maximum audit record storage capacity is reached.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.2.5 Ensure system is disabled when audit logs are full - at a minimum when the threshold for the repository maximum audit record storage capacity is reached.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
ALMA-09-053260 - AlmaLinux OS 9 must take action when allocated audit record storage volume reaches 95 percent of the audit record storage capacity.UnixDISA Cloud Linux AlmaLinux OS 9 STIG v1r6
ALMA-09-053370 - AlmaLinux OS 9 must take action when allocated audit record storage volume reaches 95 percent of the repository maximum audit record storage capacity.UnixDISA Cloud Linux AlmaLinux OS 9 STIG v1r6
ALMA-09-053480 - AlmaLinux OS 9 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity.UnixDISA Cloud Linux AlmaLinux OS 9 STIG v1r6
ALMA-09-053590 - AlmaLinux OS 9 must notify the system administrator (SA) and information system security officer (ISSO) (at a minimum) when allocated audit record storage volume reaches 75 percent usage.UnixDISA Cloud Linux AlmaLinux OS 9 STIG v1r6
APPL-14-001030 - The macOS system must configure audit capacity warning.UnixDISA Apple macOS 14 Sonoma STIG v2r4
APPL-15-001030 - The macOS system must configure audit capacity warning.UnixDISA Apple macOS 15 Sequoia STIG v1r7
APPL-26-001030 - The macOS system must configure audit capacity warning.UnixDISA Apple macOS 26 Tahoe STIG v1r2
AS24-U1-000160 - The Apache web server must use a logging mechanism that is configured to alert the Information System Security Officer (ISSO) and System Administrator (SA) in the event of a processing failure.UnixDISA STIG Apache Server 2.4 Unix Server v3r2 Middleware
AS24-U1-000160 - The Apache web server must use a logging mechanism that is configured to alert the Information System Security Officer (ISSO) and System Administrator (SA) in the event of a processing failure.UnixDISA STIG Apache Server 2.4 Unix Server v3r2
AZLX-23-002035 - Amazon Linux 2023 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity.UnixDISA Amazon Linux 2023 STIG v1r3
AZLX-23-002040 - Amazon Linux 2023 must notify the system administrator (SA) and information system security officer (ISSO) (at a minimum) when allocated audit record storage volume 75 percent utilization.UnixDISA Amazon Linux 2023 STIG v1r3
AZLX-23-002045 - Amazon Linux 2023 must take action when allocated audit record storage volume reaches 95 percent of the audit record storage capacity.UnixDISA Amazon Linux 2023 STIG v1r3
AZLX-23-002050 - Amazon Linux 2023 must take action when allocated audit record storage volume reaches 95 percent of the repository maximum audit record storage capacity.UnixDISA Amazon Linux 2023 STIG v1r3
AZLX-23-002055 - Amazon Linux 2023 must immediately notify the system administrator (SA) and information system security officer (ISSO), at a minimum, of an audit processing failure event.UnixDISA Amazon Linux 2023 STIG v1r3
Big Sur - Configure Audit Capacity WarningUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Configure Audit Capacity WarningUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Configure Audit Capacity WarningUnixNIST macOS Big Sur v1.4.0 - All Profiles