STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 4 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Tri-Lab Operating System Stack (TOSS) 5 Security Technical Implementation Guide

V-282430

CAT II (Medium)

TOSS 5 must periodically flush audit records to disk to prevent the loss of audit records.

Rule ID

SV-282430r1200270_rule

STIG

Tri-Lab Operating System Stack (TOSS) 5 Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-000154

Discussion

If option "freq" is not set to a value that requires audit records being written to disk after a threshold number is reached, then audit records may be lost.

Check Content

Verify the audit system is configured to flush to disk after every 100 records using the following command:

$ sudo grep freq /etc/audit/auditd.conf 

freq = 100 

If "freq" isn't set to a value between "1" and "100", the value is missing, or the line is commented out, this is a finding.

Fix Text

Configure TOSS 5 to flush audit to disk by adding or updating the following rule in "/etc/audit/auditd.conf":

freq = 100

Restart the audit daemon for the changes to take effect.