DISA STIG Solaris 11 X86 v2r4

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Solaris 11 X86 v2r4

Updated: 2/22/2022

Authority: DISA STIG

Plugin: Unix

Revision: 1.1

Estimated Item Count: 336

Audit Items

Description	Categories
DISA_STIG_Solaris_11_v2r4.audit from DISA Solaris 11 X86 v2r4 STIG
SOL-11.1-010040 - The audit system must produce records containing sufficient information to establish the identity of any user/subject associated with the event.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010060 - The audit system must support an audit reduction capability.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010070 - The audit system records must be able to be used by a report generation capability.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010080 - The operating system must provide the capability to automatically process audit records for events of interest based upon selectable, event criteria.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010100 - The audit records must provide data for all auditable events defined at the organizational level for the organization-defined information system components.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010120 - The operating system must generate audit records for the selected list of auditable events as defined in DoD list of events.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010130 - The operating system must support the capability to compile audit records from multiple components within the system into a system-wide (logical or physical) audit trail that is time-correlated to within organization-defined level of tolerance.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010140 - Audit records must include what type of events occurred.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010150 - Audit records must include when (date and time) the events occurred.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010160 - Audit records must include where the events occurred.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010170 - Audit records must include the sources of the events that occurred.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010180 - Audit records must include the outcome (success or failure) of the events that occurred.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010220 - The audit system must be configured to audit file deletions - getpolicy	AUDIT AND ACCOUNTABILITY
SOL-11.1-010220 - The audit system must be configured to audit file deletions.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010230 - The audit system must be configured to audit account creation - getpolicy	AUDIT AND ACCOUNTABILITY
SOL-11.1-010230 - The audit system must be configured to audit account creation.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010250 - The audit system must be configured to audit account modification - getpolicy	AUDIT AND ACCOUNTABILITY
SOL-11.1-010250 - The audit system must be configured to audit account modification.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010260 - The operating system must automatically audit account disabling actions - getpolicy	AUDIT AND ACCOUNTABILITY
SOL-11.1-010260 - The operating system must automatically audit account disabling actions.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010270 - The operating system must automatically audit account termination - getpolicy	AUDIT AND ACCOUNTABILITY
SOL-11.1-010270 - The operating system must automatically audit account termination.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010290 - The operating system must ensure unauthorized, security-relevant configuration changes detected are tracked - getpolicy	AUDIT AND ACCOUNTABILITY
SOL-11.1-010290 - The operating system must ensure unauthorized, security-relevant configuration changes detected are tracked.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010300 - The audit system must be configured to audit all administrative, privileged, and security actions - getpolicy	AUDIT AND ACCOUNTABILITY
SOL-11.1-010300 - The audit system must be configured to audit all administrative, privileged, and security actions.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010310 - The audit system must be configured to audit login, logout, and session initiation - getflags	AUDIT AND ACCOUNTABILITY
SOL-11.1-010310 - The audit system must be configured to audit login, logout, and session initiation - getnaflags lo	AUDIT AND ACCOUNTABILITY
SOL-11.1-010310 - The audit system must be configured to audit login, logout, and session initiation - getnaflags na	AUDIT AND ACCOUNTABILITY
SOL-11.1-010310 - The audit system must be configured to audit login, logout, and session initiation - getpolicy	AUDIT AND ACCOUNTABILITY
SOL-11.1-010320 - The audit system must be configured to audit all discretionary access control permission modifications - getpolicy	AUDIT AND ACCOUNTABILITY
SOL-11.1-010320 - The audit system must be configured to audit all discretionary access control permission modifications.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010330 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - getpolicy	AUDIT AND ACCOUNTABILITY
SOL-11.1-010330 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010340 - The audit system must be configured to audit failed attempts to access files and programs - getflags ex	AUDIT AND ACCOUNTABILITY
SOL-11.1-010340 - The audit system must be configured to audit failed attempts to access files and programs - getflags fa	AUDIT AND ACCOUNTABILITY
SOL-11.1-010340 - The audit system must be configured to audit failed attempts to access files and programs - getflags ps	AUDIT AND ACCOUNTABILITY
SOL-11.1-010340 - The audit system must be configured to audit failed attempts to access files and programs - getpolicy	AUDIT AND ACCOUNTABILITY
SOL-11.1-010350 - The operating system must protect against an individual falsely denying having performed a particular action. In order to do so the system must be configured to send audit records to a remote audit server - '.conf'	AUDIT AND ACCOUNTABILITY
SOL-11.1-010350 - The operating system must protect against an individual falsely denying having performed a particular action. In order to do so the system must be configured to send audit records to a remote audit server - 'getplugin'	AUDIT AND ACCOUNTABILITY
SOL-11.1-010360 - The auditing system must not define a different auditing level for specific users.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010370 - The audit system must alert the SA when the audit storage volume approaches its capacity.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010380 - The audit system must alert the System Administrator (SA) if there is any type of audit failure.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010390 - The operating system must alert designated organizational officials in the event of an audit processing failure.	AUDIT AND ACCOUNTABILITY
SOL-11.1-010400 - The operating system must allocate audit record storage capacity - 'p_minfree'	AUDIT AND ACCOUNTABILITY
SOL-11.1-010400 - The operating system must allocate audit record storage capacity - 'zfs compression'	AUDIT AND ACCOUNTABILITY
SOL-11.1-010400 - The operating system must allocate audit record storage capacity - 'zfs quota'	AUDIT AND ACCOUNTABILITY
SOL-11.1-010400 - The operating system must allocate audit record storage capacity - 'zfs reservation'	AUDIT AND ACCOUNTABILITY
SOL-11.1-010410 - The operating system must configure auditing to reduce the likelihood of storage capacity being exceeded.	AUDIT AND ACCOUNTABILITY

Detections

Analytics

DISA STIG Solaris 11 X86 v2r4

Warning! Audit Deprecated

Audit Details

Audit Items