The Tanium operating system (TanOS) must provide an immediate warning to the SA and ISSO (at a minimum) when allocated audit record storage volume reaches 75 percent of repository maximum audit record storage capacity.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
---|---|---|---|---|---|---|
medium | V-254863 | SRG-OS-000343 | TANS-OS-001035 | SV-254863r971542_rule | 2025-02-11 | 2 |
Description |
---|
If security personnel are not notified immediately when storage volume reaches 75 percent, they are unable to plan for audit record storage capacity expansion. |
ℹ️ Check |
---|
1. Access the TanOS interactively. 2. Press "A" for "Appliance Configuration Menu," and then press "Enter". 3. Press "5" for "SNMP Configuration," and then press "Enter". If the State is "Disabled", this is a finding. If the State is "Enabled", work with the SNMP monitoring system administrator to ensure warnings are sent when TanOS storage reaches 75 percent of capacity. If they are not being sent, this is a finding. |
✔️ Fix |
---|
1. Access the TanOS interactively. 2. Press "A" for "Appliance Configuration Menu," and then press "Enter". 3. Press "5" for "SNMP Configuration," and then press "Enter". 4. Press "S" for "Set Password and Start the SNMP Service," and then press "Enter". 5. Enter the desired SNMP password and press "Enter". 6. Press "Enter" to continue and return to the SNMP configuration menu and verify the state is now "Enabled". Work with the SNMP monitoring system administrator to enable warning alerts for low free space. |
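
The monitoring-side half of this rule, the 75 percent threshold check, can be sketched as follows. This is an added example, not part of the STIG or of Tanium's tooling. It assumes the appliance's SNMP agent exposes the standard HOST-RESOURCES-MIB storage table (not confirmed by this page); the sample walk output and mount points are constructed.

```python
import re

THRESHOLD_PCT = 75.0  # the rule's trigger: 75 percent of maximum capacity

# Constructed snmpwalk output (net-snmp text format); values are illustrative
# and the mount points are assumptions, not taken from a real TanOS appliance.
SAMPLE_WALK = """\
HOST-RESOURCES-MIB::hrStorageDescr.31 = STRING: /
HOST-RESOURCES-MIB::hrStorageDescr.36 = STRING: /var/log
HOST-RESOURCES-MIB::hrStorageDescr.40 = STRING: /run/empty
HOST-RESOURCES-MIB::hrStorageSize.31 = INTEGER: 1000000
HOST-RESOURCES-MIB::hrStorageSize.36 = INTEGER: 2000000
HOST-RESOURCES-MIB::hrStorageSize.40 = INTEGER: 0
HOST-RESOURCES-MIB::hrStorageUsed.31 = INTEGER: 420000
HOST-RESOURCES-MIB::hrStorageUsed.36 = INTEGER: 1500000
HOST-RESOURCES-MIB::hrStorageUsed.40 = INTEGER: 0
"""

LINE_RE = re.compile(r"hrStorage(Descr|Size|Used)\.(\d+) = (?:STRING|INTEGER): (.*)$")

def parse_storage(walk_text):
    """Group hrStorageDescr/Size/Used values by table index."""
    rows = {}
    for line in walk_text.splitlines():
        m = LINE_RE.search(line.strip())
        if m:
            column, index, value = m.groups()
            rows.setdefault(index, {})[column] = value.strip().strip('"')
    return rows

def volumes_at_or_over(walk_text, threshold=THRESHOLD_PCT):
    """Return {description: percent_used} for volumes at or above threshold."""
    alerts = {}
    for row in parse_storage(walk_text).values():
        try:
            size, used = int(row["Size"]), int(row["Used"])
        except (KeyError, ValueError):
            continue  # incomplete or non-numeric row: cannot evaluate
        if size <= 0:
            continue  # zero-size pseudo filesystems would divide by zero
        pct = 100.0 * used / size  # allocation units cancel out of the ratio
        if pct >= threshold:
            alerts[row.get("Descr", "unknown")] = round(pct, 1)
    return alerts

if __name__ == "__main__":
    for descr, pct in volumes_at_or_over(SAMPLE_WALK).items():
        print(f"WARNING: {descr} at {pct}% of capacity (threshold 75%)")
```

The comparison is inclusive, so a volume at exactly 75 percent raises the warning; routing that warning to the SA and ISSO is left to the monitoring system's own notification settings.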