| ALMA-09-053260 | V1R4 | AlmaLinux OS 9 must take action when allocated audit record storage volume reaches 95 percent of the audit record storage capacity. | AlmaLinux OS 9 |
| ALMA-09-053370 | V1R4 | AlmaLinux OS 9 must take action when allocated audit record storage volume reaches 95 percent of the repository maximum audit record storage capacity. | AlmaLinux OS 9 |
| ALMA-09-053480 | V1R4 | AlmaLinux OS 9 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity. | AlmaLinux OS 9 |
| ALMA-09-053590 | V1R4 | AlmaLinux OS 9 must notify the system administrator (SA) and information system security officer (ISSO) (at a minimum) when allocated audit record storage volume reaches 75 percent usage. | AlmaLinux OS 9 |
| APPL-13-001030 | V1R5 | The macOS system must provide an immediate warning to the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) when allocated audit record storage volume reaches 75 percent of repository maximum audit record storage capacity. | macOS 13 - Ventura |
| OL07-00-030330 | V3R3 | The Oracle Linux operating system must initiate an action to notify the System Administrator (SA) and Information System Security Officer (ISSO), at a minimum, when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity. | Oracle Linux 7 |
| OL07-00-030340 | V3R3 | The Oracle Linux operating system must immediately notify the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) via email when the threshold for the repository maximum audit record storage capacity is reached. | Oracle Linux 7 |
| OL07-00-030350 | V3R3 | The Oracle Linux operating system must immediately notify the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) when the threshold for the repository maximum audit record storage capacity is reached. | Oracle Linux 7 |
| OL08-00-030730 | V2R6 | OL 8 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity. | Oracle Linux 8 |
| OL08-00-030731 | V2R6 | OL 8 must notify the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) when allocated audit record storage volume 75 percent utilization. | Oracle Linux 8 |
| OL09-00-000865 | V1R3 | OL 9 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity. | Oracle Linux 9 |
| OL09-00-000870 | V1R3 | OL 9 must notify the system administrator (SA) and information system security officer (ISSO) (at a minimum) when allocated audit record storage volume reaches 75 percent utilization. | Oracle Linux 9 |
| OL09-00-000875 | V1R3 | OL 9 must take action when allocated audit record storage volume reaches 95 percent of the audit record storage capacity. | Oracle Linux 9 |
| OL09-00-000885 | V1R3 | OL 9 must act when allocated audit record storage volume reaches 95 percent of the repository maximum audit record storage capacity. | Oracle Linux 9 |
| RHEL-07-030330 | V3R9 | The Red Hat Enterprise Linux operating system must initiate an action to notify the System Administrator (SA) and Information System Security Officer ISSO, at a minimum, when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity. | Red Hat Enterprise Linux 7 |
| RHEL-07-030340 | V3R9 | The Red Hat Enterprise Linux operating system must immediately notify the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) via email when the threshold for the repository maximum audit record storage capacity is reached. | Red Hat Enterprise Linux 7 |
| RHEL-07-030350 | V3R9 | The Red Hat Enterprise Linux operating system must immediately notify the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) when the threshold for the repository maximum audit record storage capacity is reached. | Red Hat Enterprise Linux 7 |
| RHEL-08-030730 | V2R5 | RHEL 8 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity. | Red Hat Enterprise Linux 8 |
| RHEL-08-030731 | V2R5 | RHEL 8 must notify the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) when allocated audit record storage volume 75 percent utilization. | Red Hat Enterprise Linux 8 |
| RHEL-09-653035 | V2R6 | RHEL 9 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity. | Red Hat Enterprise Linux 9 |
| RHEL-09-653040 | V2R6 | RHEL 9 must notify the system administrator (SA) and information system security officer (ISSO) (at a minimum) when allocated audit record storage volume reaches 75 percent utilization. | Red Hat Enterprise Linux 9 |
| RHEL-09-653045 | V2R6 | RHEL 9 must take action when allocated audit record storage volume reaches 95 percent of the audit record storage capacity. | Red Hat Enterprise Linux 9 |
| RHEL-09-653050 | V2R6 | RHEL 9 must take action when allocated audit record storage volume reaches 95 percent of the repository maximum audit record storage capacity. | Red Hat Enterprise Linux 9 |
| SLES-12-020030 | V3R2 | The SUSE operating system auditd service must notify the System Administrator (SA) and Information System Security Officer (ISSO) immediately when audit storage capacity is 75 percent full. | SUSE Linux Enterprise 12 |
| SLES-15-030700 | V2R4 | The SUSE operating system auditd service must notify the System Administrator (SA) and Information System Security Officer (ISSO) immediately when audit storage capacity is 75 percent full. | SUSE Linux Enterprise 15 |
| UBTU-18-010006 | V2R15 | The Ubuntu operating system must immediately notify the SA and ISSO (at a minimum) when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity. | Ubuntu 18.04 |
| UBTU-20-010217 | V2R3 | The Ubuntu operating system must immediately notify the SA and ISSO (at a minimum) when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity. | Ubuntu 20.04 |
| UBTU-22-653040 | V2R6 | Ubuntu 22.04 LTS must immediately notify the system administrator (SA) and information system security officer (ISSO) when the audit record storage volume reaches 25 percent remaining of the allocated capacity. | Ubuntu 22.04 |
| UBTU-24-900960 | V1R1 | Ubuntu 24.04 LTS must immediately notify the system administrator (SA) and information system security officer (ISSO) (at a minimum) when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity. | Ubuntu 24.04 |