CCI-001879

Provide a report generation capability that supports on-demand reporting requirements.

34 rules found Severity: Medium

36 rules found Severity: Medium

7 rules found Severity: Medium

4 rules found Severity: Medium

2 rules found Severity: Medium

1 rule found Severity: Medium

1 rule found Severity: Low

1 rule found Severity: Medium

2 rules found Severity: Medium

1 rule found Severity: High

1 rule found Severity: Medium

1 rule found Severity: Low

1 rule found Severity: Medium

1 rule found Severity: Low

1 rule found Severity: Medium

2 rules found Severity: Medium

2 rules found Severity: Low

1 rule found Severity: Medium

CCI-001879

Ensure the audit Subsystem is Installed

Enable auditd Service

Ensure the audit-libs package as a part of audit Subsystem is Installed

Record Events When Privileged Executables Are Run

Ensure the libaudit1 package as a part of audit Subsystem is Installed

The IBM z/VM journal minidisk space allocation must be large enough for one weeks worth of audit records.

The Exchange Public Store storage quota must be limited.

Nutanix AOS must provide the capability to centrally review and analyze audit records from multiple components within the system.

The macOS system must enable System Integrity Protection.

The Ubuntu operating system must produce audit records and reports containing information to establish when, where, what type, the source, and the outcome for all DoD-defined auditable events and actions in near real time.

The macOS system must enable System Integrity Protection.

AIX must provide a report generation function that supports on-demand audit review and analysis, on-demand reporting requirements, and after-the-fact investigations of security incidents.

SLEM 5 must have the auditing package installed.

SLEM 5 must generate audit records for all uses of privileged functions.

TOSS audit records must contain information to establish what type of events occurred, when the events occurred, the source of events, where events occurred, and the outcome of events.

NixOS must enable the audit daemon.

The application must provide a report generation capability that supports on-demand reporting requirements.

Ubuntu 22.04 LTS must have the "auditd" package installed.

Ubuntu 22.04 LTS must produce audit records and reports containing information to establish when, where, what type, the source, and the outcome for all DOD-defined auditable events and actions in near real time.

The Central Log Server must be configured to generate reports that support on-demand reporting requirements.

The audit package must be installed on AlmaLinux OS 9.

The auditd service must be enabled on AlmaLinux OS 9.

The operating system must provide a report generation capability that supports on-demand reporting requirements.

The Mainframe Product must provide a report generation capability that supports on-demand reporting requirements.

The OL 8 audit package must be installed.

OL 8 audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events.

RHEL 9 audit package must be installed.

RHEL 9 audit service must be enabled.

The SUSE operating system must have the auditing package installed.

The SUSE operating system must generate audit records for all uses of the privileged functions.

The VMM must provide a report generation capability that supports on-demand reporting requirements.