SOL-11.1-010390 - The operating system must alert designated organizational officials in the event of an audit processing failure.

Information

Proper alerts to system administrators and IA officials of audit failures ensure a timely response to critical system issues.

Solution

The root role is required.

This action applies to the global zone only. Determine the zone that you are currently securing.

# zonename

If the command output is 'global', this action applies.

Add an audit_warn alias to /etc/mail/aliases that will forward to designated system administrator(s).

# pfedit /etc/mail/aliases

Insert a line in the form:
audit_warn:user1,user2

Put the updated aliases file into service.
# newaliases

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SOL_11_x86_V3R1_STIG.zip

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-5a., CAT|I, CCI|CCI-000139, Rule-ID|SV-216038r958424_rule, STIG-ID|SOL-11.1-010390, STIG-Legacy|SV-60719, STIG-Legacy|V-47845, Vuln-ID|V-216038

Plugin: Unix

Control ID: 7c36bfd5d495ce3c3de9f5fda874208f326e974711fa1bb4d45d2f1376a12295