The operating system must alert designated organizational officials in the event of an audit processing failure.

An XCCDF Rule

Details
Profiles

Description

Proper alerts to system administrators and IA officials of audit failures ensure a timely response to critical system issues.

ID: SV-216038r958424_rule
Version: SOL-11.1-010390
Severity: High
References: CCI-000139
Updated: about 2 months ago

Remediation Templates

The root role is required. 

This action applies to the global zone only. Determine the zone that you are currently securing.

# zonename
If the command output is "global", this action applies.

Add an audit_warn alias to /etc/mail/aliases that will forward to designated system administrator(s).

# pfedit /etc/mail/aliases

Insert a line in the form:
audit_warn:user1,user2

Put the updated aliases file into service.
# newaliases

The operating system must alert designated organizational officials in the event of an audit processing failure.

Description

Remediation Templates

A Manual Procedure