SOL-11.1-010410 - The operating system must configure auditing to reduce the likelihood of storage capacity being exceeded.

Information

Overflowing the audit storage area can result in a denial of service or system outage.

Solution

The Audit Control profile is required.

This action applies to the global zone only. Determine the zone that you are currently securing.

# zonename

If the command output is 'global', this action applies.

Set the size of a binary audit file to a specific size. The size is specified in megabytes.

# pfexec auditconfig -setplugin audit_binfile p_fsize=4M

Restart the audit system.

# pfexec audit -s

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SOL_11_SPARC_V3R1_STIG.zip

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-4, CAT|I, CCI|CCI-001849, Rule-ID|SV-219968r958752_rule, STIG-ID|SOL-11.1-010410, STIG-Legacy|SV-62545, STIG-Legacy|V-49621, Vuln-ID|V-219968

Plugin: Unix

Control ID: 29528d7ad3bb9ebe9b561bbdbcefcd4764cd6839ba8b20a5a069b2da3755dec4