STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Solaris 11 X86 Security Technical Implementation Guide

V-216241

CAT III (Low)

The audit system must identify in which zone an event occurred.

Rule ID

SV-216241r959010_rule

STIG

Solaris 11 X86 Security Technical Implementation Guide

Version

V3R5

CCIs

CCI-000366

Discussion

Tracking the specific Solaris zones in the audit trail reduces the time required to determine the cause of a security event.

Check Content

This check applies to the global zone only. Determine the zone that you are currently securing.

# zonename

If the command output is "global", this check applies.

List the non-global zones on the system.

# zoneadm list -vi | grep -v global

The Audit Configuration profile is required.

Determine whether the "zonename" auditing policy is in effect.

# pfexec auditconfig -getpolicy | grep active | grep zonename

If no output is returned, this is a finding.

Fix Text

This check applies to the global zone only. Determine the zone that you are currently securing.

# zonename

If the command output is "global", this check applies.

List the non-global zones on the system.

# zoneadm list -vi | grep -v global

The Audit Configuration profile is required.

Enable the "zonename" auditing policy.

# pfexec auditconfig -setpolicy +zonename