STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Nutanix AOS 5.20.x OS Security Technical Implementation Guide

V-254183

CAT II (Medium)

Nutanix AOS must protect audit information from unauthorized access.

Rule ID

SV-254183r958434_rule

STIG

Nutanix AOS 5.20.x OS Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-000162CCI-000163CCI-000164

Discussion

Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. Audit information includes all information (e.g., audit records, audit settings, audit reports) needed to successfully audit operating system activity. Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPOS-00029

Check Content

Verify Nutanix AOS audit log permissions are "0600" or less permissive.

$ sudo stat -c "%a %n" /home/log/audit/audit.log
600 /home/log/audit/audit.log

If the audit.log file(s) are more permissive than "0600", this is a finding.

Fix Text

Run the salt stack call to set the audit log file permissions to "600".

$ sudo salt-call state.sls security/CVM/auditCVM