SRG-OS-000040-GPOS-00018

The operating system must produce audit records containing information to establish the source of the events.