Guide to the Secure Configuration of SUSE Linux Enterprise Micro 5
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Action for auditd to take when disk is full
'The setting for disk_full_action in /etc/audit/auditd.conf, if multiple values are allowed write them separated by pipes as in "syslog|single|halt...Value -
Action for auditd to take when disk space just starts to run low
The setting for space_left_action in /etc/audit/auditd.confValue -
The percentage remaining in disk space before prompting space_left_action
The setting for space_left as a percentage in /etc/audit/auditd.confValue -
Configure audispd Plugin To Send Logs To Remote Server
Configure the audispd plugin to off-load audit records onto a different system or media from the system being audited. Set the <code>remote_server...Rule Medium Severity -
Configure a Sufficiently Large Partition for Audit Logs
The SUSE Linux Enterprise Micro 5 operating system must allocate audit record storage capacity to store at least one weeks worth of audit records w...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules