CCI-000138 requires configuring auditing to reduce the likelihood of storage capacity being exceeded. The configure_auditd_data_retention group addresses this requirement.
Signed-off-by: Willy Santos <[email protected]> --- rhel6/src/input/system/auditing.xml | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/rhel6/src/input/system/auditing.xml b/rhel6/src/input/system/auditing.xml index f1cf4a8..7668357 100644 --- a/rhel6/src/input/system/auditing.xml +++ b/rhel6/src/input/system/auditing.xml @@ -119,6 +119,7 @@ sure this can never happen under normal circumstances! Ensure that larger than the maximum amount of data <tt>auditd</tt> will retain normally.</i> </description> +<ref disa="138" /> <Value id="var_auditd_num_logs" type="number" > <title>Number of log files for auditd to retain</title> -- 1.7.7.6 _______________________________________________ scap-security-guide mailing list [email protected] https://fedorahosted.org/mailman/listinfo/scap-security-guide
