Skip to content
ATO Pathways
  Log In

CCI-001881

Provide an audit reduction capability that does not alter original content or time ordering of audit records.

Logo
29

Rule

Severity: Medium
Ensure the audit Subsystem is Installed
Logo
30

Rule

Severity: Medium
Enable auditd Service
Logo
3

Rule

Severity: Medium
Ensure the audit-libs package as a part of audit Subsystem is Installed
Logo
15

Rule

Severity: Medium
Record Events When Privileged Executables Are Run
Logo
2

Rule

Severity: Medium
Ensure the libaudit1 package as a part of audit Subsystem is Installed
Logo
2

Rule

Severity: Medium
The application must provide an audit reduction capability that does not alter original content or time ordering of audit records.
Logo
2

Rule

Severity: Low
The Central Log Server must be configured to perform audit reduction that does not alter original content or time ordering of log records.
Logo
2

Rule

Severity: Medium
The Mainframe Product must provide an audit reduction capability that does not alter original content or time ordering of audit records.
Logo
1

Rule

Severity: Medium
Nutanix AOS must provide the capability to centrally review and analyze audit records from multiple components within the system.
Logo
1

Rule

Severity: Medium
The macOS system must enable System Integrity Protection.
Logo
3

Rule

Severity: High
The macOS system must enable System Integrity Protection.
Logo
2

Rule

Severity: Medium
The Ubuntu operating system must produce audit records and reports containing information to establish when, where, what type, the source, and the outcome for all DoD-defined auditable events and actions in near real time.
Logo
2

Rule

Severity: Medium
The operating system must not alter original content or time ordering of audit records when it provides an audit reduction capability.
Logo
2

Rule

Severity: Medium
OL 8 audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events.
Logo
4

Rule

Severity: Medium
The SUSE operating system must have the auditing package installed.
Logo
4

Rule

Severity: Low
The SUSE operating system must generate audit records for all uses of the privileged functions.
Logo
2

Rule

Severity: Medium
RHEL 9 audit package must be installed.
Logo
2

Rule

Severity: Medium
RHEL 9 audit service must be enabled.
Logo
2

Rule

Severity: Medium
The VMM that provides an audit reduction capability must not alter original content or time ordering of audit records.
Logo
1

Rule

Severity: Medium
Ubuntu 22.04 LTS must have the "auditd" package installed.
Logo
1

Rule

Severity: Medium
Ubuntu 22.04 LTS must produce audit records and reports containing information to establish when, where, what type, the source, and the outcome for all DOD-defined auditable events and actions in near real time.
Logo
1

Rule

Severity: Medium
The OL 8 audit package must be installed.
Logo
1

Rule

Severity: Medium
SLEM 5 must have the auditing package installed.
Logo
1

Rule

Severity: Medium
SLEM 5 must generate audit records for all uses of privileged functions.
Logo
1

Rule

Severity: Medium
TOSS audit records must contain information to establish what type of events occurred, when the events occurred, the source of events, where events occurred, and the outcome of events.

Patternfly

PatternFly elements

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules