The Ubuntu operating system must have a crontab script running weekly to offload audit events of standalone systems.

An XCCDF Rule

Details
Profiles

Description

Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Offloading is a common process in information systems with limited audit storage capacity.

ID: SV-238321r959008_rule
Version: UBTU-20-010300
Severity: Low
References: CCI-001851
Updated: 5 days ago

Remediation Templates

Create a script that offloads audit logs to external media and runs weekly. 
 
The script must be located in the "/etc/cron.weekly" directory.

The Ubuntu operating system must have a crontab script running weekly to offload audit events of standalone systems.

Description

Remediation Templates

A Manual Procedure