SRG-OS-000461-GPOS-00205

The operating system must generate audit records when successful/unsuccessful attempts to access categories of information (e.g., classification levels) occur.

27 rules found Severity: Medium

28 rules found Severity: Medium

26 rules found Severity: Medium

27 rules found Severity: Medium

13 rules found Severity: Medium

16 rules found Severity: Medium

15 rules found Severity: Medium

10 rules found Severity: Medium

9 rules found Severity: Medium

7 rules found Severity: Medium

4 rules found Severity: Medium

2 rules found Severity: Medium

SRG-OS-000461-GPOS-00205

Record Unsuccessful Access Attempts to Files - creat

Record Unsuccessful Access Attempts to Files - ftruncate

Record Unsuccessful Access Attempts to Files - open

Record Unsuccessful Access Attempts to Files - open_by_handle_at

Record Unsuccessful Access Attempts to Files - openat

Record Unsuccessful Access Attempts to Files - truncate

Record Unsuccessful Creation Attempts to Files - open_by_handle_at O_CREAT

Record Unsuccessful Modification Attempts to Files - open_by_handle_at O_TRUNC_WRITE

Ensure auditd Unauthorized Access Attempts To open_by_handle_at Are Ordered Correctly

Record Unsuccessful Creation Attempts to Files - open O_CREAT

Record Unsuccessful Modification Attempts to Files - open O_TRUNC_WRITE

Ensure auditd Rules For Unauthorized Attempts To open Are Ordered Correctly

Record Unsuccessful Creation Attempts to Files - openat O_CREAT

Record Unsuccessful Modification Attempts to Files - openat O_TRUNC_WRITE

Ensure auditd Rules For Unauthorized Attempts To openat Are Ordered Correctly

Record Unsuccessful Delete Attempts to Files - rename

Record Unsuccessful Delete Attempts to Files - renameat

Record Unsuccessful Delete Attempts to Files - unlink

Record Unsuccessful Delete Attempts to Files - unlinkat

Configure audit according to OSPP requirements

Configure auditing of unsuccessful file accesses

Configure auditing of successful file accesses

Configure auditing of unsuccessful file creations

Configure auditing of successful file creations

Configure auditing of unsuccessful file deletions

Configure auditing of successful file deletions

Configure auditing of unsuccessful file modifications

Configure auditing of successful file modifications

Configure auditing of unsuccessful file accesses (AArch64)

Configure auditing of unsuccessful file accesses (ppc64le)

Configure auditing of successful file accesses (AArch64)

Configure auditing of successful file accesses (ppc64le)

Configure auditing of unsuccessful file creations (AArch64)

Configure auditing of unsuccessful file creations (ppc64le)

Configure auditing of successful file creations (AArch64)

Configure auditing of successful file creations (ppc64le)

Configure auditing of unsuccessful file deletions (AArch64)

Configure auditing of unsuccessful file deletions (ppc64le)

Configure auditing of successful file deletions (AArch64)

Configure auditing of successful file deletions (ppc64le)

Configure auditing of unsuccessful file modifications (AARch64)

Configure auditing of unsuccessful file modifications (ppc64le)

Configure auditing of successful file modifications (AArch64)

Configure auditing of successful file modifications (ppc64le)