STIGQter: STIG Summary: IBM z/OS RACF Security Technical Implementation Guide Version: 8 Release: 3 Benchmark Date: 23 Apr 2021:

IBM z/OS SMF collection files (system MANx datasets or LOGSTREAM DASD) must have storage capacity to store at least one weeks worth of audit data.

DISA Rule

SV-223770r604139_rule

Vulnerability Number

V-223770

Group Title

SRG-OS-000341-GPOS-00132

Rule Version

RACF-OS-000140

Severity

CAT II

CCI(s)

CCI-001849 - The organization allocates audit record storage capacity in accordance with organization-defined audit record storage requirements.

Weight

Fix Recommendation

Make sure output file and dump procedures allow storage capacity to store one week's worth of audit data.

Check Contents

Review the SMF dump procedure in there system.

If the output datasets in the procedure have storage capacity to store at least one week's worth of audit data, this is not a finding.

Vulnerability Number

V-223770

Documentable

False

Rule Version

RACF-OS-000140

Severity Override Guidance

Review the SMF dump procedure in there system.

If the output datasets in the procedure have storage capacity to store at least one week's worth of audit data, this is not a finding.

Check Content Reference

Target Key

4101

IBM z/OS SMF collection files (system MANx datasets or LOGSTREAM DASD) must have storage capacity to store at least one weeks worth of audit data.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments