SOL-11.1-010390 - The operating system must alert designated organizational officials in the event of an audit processing failure.

Information

Proper alerts to system administrators and IA officials of audit failures ensure a timely response to critical system issues.

Solution

The root role is required.

This action applies to the global zone only. Determine the zone that you are currently securing.

# zonename

If the command output is 'global', this action applies.

Add an audit_warn alias to /etc/mail/aliases that will forward to designated system administrator(s).

# pfedit /etc/mail/aliases

Insert a line in the form:
audit_warn:user1,user2

Put the updated aliases file into service.
# newaliases

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SOL_11_SPARC_V3R1_STIG.zip

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-5a., CAT|I, CCI|CCI-000139, Rule-ID|SV-216273r958424_rule, STIG-ID|SOL-11.1-010390, STIG-Legacy|SV-60719, STIG-Legacy|V-47845, Vuln-ID|V-216273

Plugin: Unix

Control ID: e9c7246f233c50b7245892b79fb2007dad5eee96a77566fc77bda54e65d72146