STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to IBM AIX 7.x Security Technical Implementation Guide

V-215256

CAT II (Medium)

AIX audit logs must be rotated daily.

Rule ID

SV-215256r991589_rule

STIG

IBM AIX 7.x Security Technical Implementation Guide

Version

V3R2

CCIs

CCI-000366

Discussion

Rotate audit logs daily to preserve audit file system space and to conform to the DoD/DISA requirement. If it is not rotated daily and moved to another location, then there is more of a chance for the compromise of audit data by malicious users.

Check Content

Check for any "crontab" entries that rotate audit logs:

# crontab -l 
30  23  * * * /root/logrotate.sh     #Daily log rotation script
If such a cron job is found, this is not a finding. 

Otherwise, query the SA. 

If there is a process automatically rotating audit logs, this is not a finding. 

If the SA manually rotates audit logs, this is a finding.  

If the audit output is not archived daily, to tape or disk, this is a finding. 

Review the audit log directory.

If more than one file is there, or if the file does not have today's date, this is a finding.

Fix Text

Configure a cron job or other automated process to rotate the audit logs on a daily basis.