The audit system must produce records containing sufficient information to establish the identity of any user/subject associated with the event.

An XCCDF Rule

Details
Profiles

Description

Enabling the audit system will produce records with accurate time stamps, source, user, and activity information. Without this information malicious activity cannot be accurately tracked.

ID: SV-216246r986419_rule
Version: SOL-11.1-010040
Severity: Medium
References: CCI-001487 CCI-004188
Updated: about 2 months ago

Remediation Templates

The Audit Control profile is required.

This action applies to the global zone only. Determine the zone to be secured.

# zonename
If the command output is "global", this action applies.

If auditing has been disabled, it must be enabled with the following command:

# pfexec audit -s

The audit system must produce records containing sufficient information to establish the identity of any user/subject associated with the event.

Description

Remediation Templates

A Manual Procedure