SRG-OS-000342-GPOS-00133

The operating system must offload audit records onto a different system or media from the system being audited.