STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Nutanix AOS 5.20.x OS Security Technical Implementation Guide

V-254183

CAT II (Medium)

Nutanix AOS must protect audit information from unauthorized access.

Rule ID

SV-254183r958434_rule

STIG

Nutanix AOS 5.20.x OS Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-000162CCI-000163CCI-000164

Discussion

Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. Audit information includes all information (e.g., audit records, audit settings, audit reports) needed to successfully audit operating system activity. Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPOS-00029

Check Content

Verify Nutanix AOS audit log permissions are "0600" or less permissive.

$ sudo stat -c "%a %n" /home/log/audit/audit.log
600 /home/log/audit/audit.log

If the audit.log file(s) are more permissive than "0600", this is a finding.

Fix Text

Run the salt stack call to set the audit log file permissions to "600".

$ sudo salt-call state.sls security/CVM/auditCVM