Skip to content

Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide (STIG) V1R9

Rules and Groups employed by this XCCDF Profile

  • Configure auditd Data Retention

    The audit system writes data to <code>/var/log/audit/audit.log</code>. By default, <code>auditd</code> rotates 5 logs by size (6MB), retaining a ma...
    Group
  • Configure audispd Plugin To Send Logs To Remote Server

    Configure the audispd plugin to off-load audit records onto a different system or media from the system being audited. First, set the <code>active...
    Rule Medium Severity
  • Configure a Sufficiently Large Partition for Audit Logs

    The Ubuntu 20.04 operating system must allocate audit record storage capacity to store at least one weeks worth of audit records when audit records...
    Rule Medium Severity
  • Configure auditd Disk Full Action when Disk Space Is Full

    The <code>auditd</code> service can be configured to take an action when disk space is running low but prior to running out of space completely. Ed...
    Rule Medium Severity
  • Configure auditd mail_acct Action on Low Disk Space

    The <code>auditd</code> service can be configured to send email to a designated account in certain situations. Add or correct the following line in...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules