4.1.1.1 Ensure audit log storage size is configured

Information

It is important that an appropriate size is determined for log files so that they do not impact the system and audit data is not lost.

Solution

Set the following parameter in /etc/audit/auditd.conf in accordance with site policy-max_log_file = <MB> Notes - The max_log_file parameter is measured in megabytes.

See Also

https://workbench.cisecurity.org/files/1863

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-4, CSCv6|6.3

Plugin: Unix

Control ID: 4fd801717464f496a456c48859d696dd1ce1a3f453b0a9c80660565f1fdd5384