ONTAP must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements.

Description

<VulnDiscussion>Audit records are stored on staging volumes when auditing is enabled. If the staging volumes do not exist when auditing is enabled, the auditing subsystem creates the staging volumes. These volumes hold the audit logs until they can be consolidated. Enabling auditing will also enable guaranteed auditing by default. This feature will guarantee audit records are not lost even when a node goes offline or the disk becomes filled. Audit records are stored on staging volumes prior to consolidation and conversion. Staging volumes can only be created by ONTAP and are given volume names that begin with MDV_aud_ followed by the UUID of the aggregate containing the staging volume.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>