Check: OSX00150 M6
MACOSX 10.6:
OSX00150 M6
(in version v1 r3)
Title
Local logging must be enabled. (Cat II impact)
Discussion
Logging is essential for tracking system events, in the event of unauthorized access, logs may contain information about how and when the access occurred. Ensure logging is enabled and log files are properly rotated. The default configuration in /etc/newsyslog.conf is used to configure local logging in the /var/log folder. The computer is set to rotate log files using the periodic launchd job according to time intervals specified in the /etc/newsyslog.conf file.
Check Content
Open a terminal session and enter the following command. more /etc/newsyslog.conf If the count values are not set to "14", this is a finding.
Fix Text
Open a terminal session and edit the following file and set the count value(s) to "14". /etc/newsyslog.conf
Additional Identifiers
Rule ID: SV-38522r1_rule
Vulnerability ID: V-25270
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |