Check: FreeBSD-10-001380
FreeBSD 10: FreeBSD-10-001380 (in version v1 r1)
Title
The operating system must provide a report generation capability that supports on-demand audit review and analysis. (Cat II impact)
Discussion
The report generation capability must support on-demand review and analysis in order to facilitate the organization's ability to generate incident reports, as needed, to better handle larger-scale or more complex security incidents. Report generation must be capable of generating on-demand (i.e., customizable, ad hoc, and as-needed) reports. On-demand reporting allows personnel to report issues more rapidly to more effectively meet reporting requirements. Collecting log data and aggregating it to present the data in a single, consolidated report achieves this objective.

Satisfies: SRG-OS-000350-GPOS-00138, SRG-OS-000351-GPOS-00139, SRG-OS-000352-GPOS-00140, SRG-OS-000354-GPOS-00142
Check Content
Verify the operating system provides a report generation capability that supports on-demand audit review and analysis. If it does not, this is a finding.

Ensure "praudit" is installed:

    $ which praudit
    /usr/sbin/praudit

If the command is not found, this is a finding. If an alternative audit report generating capability is in place, this is not a finding.
Fix Text
Configure the operating system to provide a report generation capability that supports on-demand audit review and analysis.
Additional Identifiers
Rule ID:
Vulnerability ID: V-1380
Group Title:
CCIs
Number | Definition |
---|---|
CCI-001878 | The information system provides a report generation capability that supports on-demand audit review and analysis. |
CCI-001879 | The information system provides a report generation capability that supports on-demand reporting requirements. |
CCI-001880 | The information system provides a report generation capability that supports after-the-fact investigations of security incidents. |
CCI-001882 | The information system provides a report generation capability that does not alter original content or time ordering of audit records. |
Controls
Number | Title |
---|---|
AU-7 | Audit Reduction And Report Generation |