Check: GEN003160
Solaris 10 X86 STIG:
GEN003160
(in versions v2 r4 through v1 r17)
Title
Cron logging must be implemented. (Cat II impact)
Discussion
Cron logging can be used to trace the successful or unsuccessful execution of cron jobs. It can also be used to spot intrusions into the use of the cron facility by unauthorized and malicious users.
Check Content
# ls -lL /var/cron/log If this file does not exist, or is older than the last cron job, this is a finding. # more /etc/default/cron If a CRONLOG=YES line does not exist, this is a finding.
Fix Text
Edit /etc/default/cron and set CRONLOG=YES.
Additional Identifiers
Rule ID: SV-227752r603266_rule
Vulnerability ID: V-227752
Group Title: SRG-OS-000470
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000172 |
The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| AU-12 |
Audit Generation |