Offload audit Logs to External Media

An XCCDF Rule

Details
Profiles
Prose

Description

The operating system must have a crontab script running weekly to offload audit events of standalone systems.

warning alert: Warning

Due to different needs and possibilities, automated remediation is not available for this configuration check.

Rationale

Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Offloading is a common process in information systems with limited audit storage capacity.

ID: xccdf_org.ssgproject.content_rule_auditd_offload_logs
Severity: Medium
References: CCI-001851

SRG-OS-000479-GPOS-00224
Updated: about 1 year ago