STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Amazon Linux 2023 Security Technical Implementation Guide

V-274068

CAT III (Low)

Amazon Linux 2023 must use a separate file system for the system audit data path.

Rule ID

SV-274068r1120192_rule

STIG

Amazon Linux 2023 Security Technical Implementation Guide

Version

V1R3

CCIs

CCI-001849

Discussion

Placing "/var/log/audit" in its own partition enables better separation between audit files and other system files and helps ensure that auditing cannot be halted due to the partition running out of space.

Check Content

Verify Amazon Linux 2023 has a separate file system/partition created for the system audit data path with the following command:

Note: /var/log/audit is used as the example as it is a common location.

$ mount | grep /var/log/audit 
UUID=2efb2979-45ac-82d7-0ae632d11f51 on /var/log/home type xfs (rw,realtime,seclabel,attr2,inode64)

Fix Text

Configure Amazon Linux 2023 to have a separate file system/partition for the system audit data path.

Migrate the system audit data path onto a separate partition.