STIGQter STIGQter: STIG Summary: Oracle Linux 6 Security Technical Implementation Guide Version: 1 Release: 17 Benchmark Date: 25 Oct 2019: The system must use a separate file system for the system audit data path.

DISA Rule

SV-64867r1_rule

Vulnerability Number

V-50661

Group Title

SRG-OS-000044

Rule Version

OL6-00-000004

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Audit logs are stored in the "/var/log/audit" directory. Ensure that it has its own partition or logical volume at installation time, or migrate it later using LVM. Make absolutely certain that it is large enough to store all audit logs that will be created by the auditing daemon.

Check Contents

Run the following command to determine if "/var/log/audit" is on its own partition or logical volume:

$ mount | grep "on /var/log/audit "

If "/var/log/audit" has its own partition or volume group, a line will be returned.
If no line is returned, this is a finding.

Vulnerability Number

V-50661

Documentable

False

Rule Version

OL6-00-000004

Severity Override Guidance

Run the following command to determine if "/var/log/audit" is on its own partition or logical volume:

$ mount | grep "on /var/log/audit "

If "/var/log/audit" has its own partition or volume group, a line will be returned.
If no line is returned, this is a finding.

Check Content Reference

M

Target Key

2208

Comments