From Apple OS X 10.8 (Mountain Lion) Workstation STIG
Part of SRG-OS-000044
Associated with: CCI-000137
Operating system auditing capability is critical for accurate forensic analysis. Audit record content that may be necessary to satisfy the requirement of this control includes, time stamps, source and destination addresses, user/process identifiers, event descriptions, success/fail indications, file names involved, and access control or flow control rules invoked.
The check displays the "% free" to leave available for the system. The audit system will not write logs if the volume has less than this percentage of free disk space. To view the current setting, run the following command: sudo grep minfree /etc/security/audit_control | awk -F: '{ print $2 }' If this returns no results, or an incorrect setting for the organization, this is a finding.
Edit the /etc/security/audit_control file, and change the value for "minfree" to the percentage of free space you require to keep available for the system. You can use the following command to set the "minfree" value to "10%": sudo sed -i.bak 's/.*minfree.*/minfree:10/' /etc/security/audit_control
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer