STIG ID: APPL-14-001030 | SRG: SRG-OS-000046-GPOS-00022 | Severity: medium | CCI: | Vulnerability Id: V-259468
The audit service must be configured to notify the system administrator
when the amount of free disk space remaining reaches an organization defined value.
This rule ensures that the system administrator is notified in advance that action is required to free
up more disk space for audit logs.
Satisfies: SRG-OS-000046-GPOS-00022,SRG-OS-000343-GPOS-00134
Configure the macOS system to require a minimum of 25 percent free disk
space for audit record storage with the following command:
/usr/bin/sed -i.bak 's/.*minfree.*/minfree:25/' /etc/security/audit_control; /usr/sbin/audit -s
Verify the macOS system is configured to require a minimum of 25 percent free disk space
for audit record storage with the following command:
/usr/bin/awk -F: '/^minfree/{print $2}' /etc/security/audit_control
If the result is not "25", this is a finding.