SRG-OS-000479-GPOS-00224 Controls

STIG ID Version Title Product
RHEL-09-652010 V2R2 RHEL 9 must have the rsyslog package installed.
RHEL-09-652055 V2R2 RHEL 9 must be configured to forward audit records via TCP to a different system or media from the system being audited via rsyslog.
SLES-12-020100 V3R1 The audit system must take appropriate action when the network cannot be used to off-load audit records.
SLES-12-020110 V3R1 Audispd must take appropriate action when the SUSE operating system audit storage is full.
SLES-12-030340 V3R1 The SUSE operating system must off-load rsyslog messages for networked systems in real time and off-load standalone systems at least weekly.
SLES-15-010580 V2R2 The SUSE operating system must off-load rsyslog messages for networked systems in real time and off-load standalone systems at least weekly.
SLES-15-030790 V2R2 The SUSE operating system must off-load audit records onto a different system or media from the system being audited.
SLES-15-030800 V2R2 Audispd must take appropriate action when the SUSE operating system audit storage is full.
UBTU-18-010007 V2R15 The Ubuntu operating system audit event multiplexor must be configured to off-load audit logs onto a different system in real time, if the system is interconnected.
UBTU-18-010008 V2R15 The Ubuntu operating system must have a crontab script running weekly to off-load audit events of standalone systems.
UBTU-20-010300 V2R1 The Ubuntu operating system must have a crontab script running weekly to offload audit events of standalone systems.
UBTU-22-651035 V2R2 Ubuntu 22.04 LTS must have a crontab script running weekly to offload audit events of standalone systems.
WN16-AU-000020 V2R9 Windows Server 2016 must, at a minimum, offload audit records of interconnected systems in real time and offload standalone or nondomain-joined systems weekly.
WN19-AU-000020 V3R2 Windows Server 2019 must, at a minimum, offload audit records of interconnected systems in real time and offload standalone or nondomain-joined systems weekly.
WN22-AU-000020 V2R2 Windows Server 2022 must, at a minimum, offload audit records of interconnected systems in real time and offload standalone or nondomain-joined systems weekly.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.