The operating system must immediately notify the SA and ISSO (at a minimum) when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-203702	SRG-OS-000343-GPOS-00134	SV-203702r971542_rule		Low

Description

If security personnel are not notified immediately when storage volume reaches 75% utilization, they are unable to plan for audit record storage capacity expansion.

STIG	Date
General Purpose Operating System Security Requirements Guide	2024-12-04

Details

Check Text (C-3827r375053_chk)

Verify the operating system immediately notifies the SA and ISSO (at a minimum) when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity. If it does not, this is a finding.

Fix Text (F-3827r375054_fix)

Configure the operating system to immediately notify the SA and ISSO (at a minimum) when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity.