STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 1 hour ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to IBM AIX 7.x Security Technical Implementation Guide

V-215253

CAT II (Medium)

AIX must allocate audit record storage capacity to store at least one weeks worth of audit records, when audit records are not immediately sent to a central audit record storage facility.

Rule ID

SV-215253r958752_rule

STIG

IBM AIX 7.x Security Technical Implementation Guide

Version

V3R2

CCIs

CCI-001849

Discussion

In order to ensure operating systems have a sufficient storage capacity in which to write the audit logs, operating systems need to be able to allocate audit record storage capacity. The task of allocating audit record storage capacity is usually performed during initial installation of AIX.

Check Content

Check the file system size where the log file resides is greater than the organizationally defined size of audit logs for one week (1GB). 

Find out where the audit log resides: 
# grep trail /etc/security/audit/config 
        trail = /audit/trail

Find out the available space in the file system hosting the audit logs. 

# df /audit/trail
Filesystem    512-blocks      Free %Used    Iused %Iused Mounted on
/dev/hd4         1966080   1792872    9%     3913     2% /

If the "512-blocks" multiplied by "Free" is less than the required size for the audit logs, this is a finding.

Fix Text

Increase the size of the file system hosting the audit logs (by 1GB).
# chfs -a size=+1G <root of file system for audit logs>