CSCv6|6.3

Title

Ensure that all systems that store logs have adequate storage space for the logs generated on a regular basis.

Description

Ensure that all systems that store logs have adequate storage space for the logs generated on a regular basis, so that log files will not fill up between log rotation intervals. The logs must be archived and digitally signed on a periodic basis.

Reference Item Details

Category: Maintenance, Monitoring, and Analysis of Audit Logs

Family: System

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1 Maintain current contact detailsamazon_awsCIS Amazon Web Services Foundations L1 1.4.0
1.1.3.9.4 Set 'MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning' to '<= 0.9'WindowsCIS Windows 8 L1 v1.0.0
1.1.5.1.2 Set 'Windows Firewall: Domain: Logging: Size limit (KB)' to '16384 KB or greater'WindowsCIS Windows 8 L1 v1.0.0
1.1.5.1.3 Set 'Windows Firewall: Domain: Logging: Name' to '%SYSTEMROOT%\System32\logfiles\firewall\domainfw.log'WindowsCIS Windows 8 L1 v1.0.0
1.1.5.1.4 Set 'Windows Firewall: Private: Logging: Size limit (KB)' to '16384 KB or greater'WindowsCIS Windows 8 L1 v1.0.0
1.1.10 Ensure separate partition exists for /varUnixCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0
1.1.10 Ensure separate partition exists for /varUnixCIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0
1.1.10 Ensure separate partition exists for /var/logUnixCIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0
1.1.10 Ensure separate partition exists for /var/logUnixCIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0
1.1.10 Ensure separate partition exists for /var/logUnixCIS Debian 8 Workstation L2 v2.0.2
1.1.10 Ensure separate partition exists for /var/logUnixCIS Debian 8 Server L2 v2.0.2
1.1.11 Ensure separate partition exists for /var/logUnixCIS SUSE Linux Enterprise Server 11 L2 v2.1.0
1.1.11 Ensure separate partition exists for /var/logUnixCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.0
1.1.11 Ensure separate partition exists for /var/logUnixCIS Amazon Linux v2.1.0 L2
1.1.11 Ensure separate partition exists for /var/logUnixCIS Distribution Independent Linux Server L2 v2.0.0
1.1.11 Ensure separate partition exists for /var/logUnixCIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0
1.1.11 Ensure separate partition exists for /var/logUnixCIS Distribution Independent Linux Workstation L2 v2.0.0
1.1.11 Ensure separate partition exists for /var/logUnixCIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0
1.1.11 Ensure separate partition exists for /var/log/auditUnixCIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0
1.1.11 Ensure separate partition exists for /var/log/auditUnixCIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0
1.1.11 Ensure separate partition exists for /var/log/auditUnixCIS Debian 8 Server L2 v2.0.2
1.1.11 Ensure separate partition exists for /var/log/auditUnixCIS Debian 8 Workstation L2 v2.0.2
1.1.12 Ensure separate partition exists for /var/log/auditUnixCIS Amazon Linux v2.1.0 L2
1.1.12 Ensure separate partition exists for /var/log/auditUnixCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.0
1.1.12 Ensure separate partition exists for /var/log/auditUnixCIS Distribution Independent Linux Server L2 v2.0.0
1.1.12 Ensure separate partition exists for /var/log/auditUnixCIS SUSE Linux Enterprise Server 11 L2 v2.1.0
1.1.12 Ensure separate partition exists for /var/log/auditUnixCIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0
1.1.12 Ensure separate partition exists for /var/log/auditUnixCIS Distribution Independent Linux Workstation L2 v2.0.0
1.1.12 Ensure separate partition exists for /var/log/auditUnixCIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0
1.1.15 Ensure separate partition exists for /var/logUnixCIS Ubuntu Linux 18.04 LTS Workstation L2 v2.1.0
1.1.15 Ensure separate partition exists for /var/logUnixCIS Ubuntu Linux 20.04 LTS Workstation L2 v1.1.0
1.1.15 Ensure separate partition exists for /var/logUnixCIS Ubuntu Linux 20.04 LTS Server L2 v1.1.0
1.1.15 Ensure separate partition exists for /var/logUnixCIS Ubuntu Linux 18.04 LTS Server L2 v2.1.0
1.1.15 Ensure that the --audit-log-maxage argument is set to 30 or as appropriateUnixCIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.1.16 Ensure separate partition exists for /var/log/auditUnixCIS Ubuntu Linux 18.04 LTS Workstation L2 v2.1.0
1.1.16 Ensure separate partition exists for /var/log/auditUnixCIS Ubuntu Linux 18.04 LTS Server L2 v2.1.0
1.1.16 Ensure separate partition exists for /var/log/auditUnixCIS Ubuntu Linux 20.04 LTS Workstation L2 v1.1.0
1.1.16 Ensure separate partition exists for /var/log/auditUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.16 Ensure separate partition exists for /var/log/auditUnixCIS Ubuntu Linux 20.04 LTS Server L2 v1.1.0
1.1.16 Ensure that the --audit-log-maxage argument is set to 30 or as appropriateUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.16 Ensure that the --audit-log-maxage argument is set to 30 or as appropriateUnixCIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.16 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriateUnixCIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.1.17 Ensure that the --audit-log-maxage argument is set to 30 or as appropriateUnixCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1
1.1.17 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriateUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.17 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriateUnixCIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.17 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriateUnixCIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.1.18 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriateUnixCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1
1.1.18 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriateUnixCIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.18 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriateUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.19 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriateUnixCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1