STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

IBM z/OS SMF collection files (system MANx data sets or LOGSTREAM DASD) must have storage capacity to store at least one weeks worth of audit data.

DISA Rule

SV-224021r561402_rule

Vulnerability Number

V-224021

Group Title

SRG-OS-000341-GPOS-00132

Rule Version

TSS0-OS-000240

Severity

CAT II

CCI(s)

CCI-001849 - The organization allocates audit record storage capacity in accordance with organization-defined audit record storage requirements.

Weight

Fix Recommendation

The system Link Pack Area (LPA) is the component of MVS that maintains core operating system functions resident in main storage. A security concern exists when libraries from which LPA modules are obtained require APF authorization.

Check Contents

Review the SMF dump procedure in there system.

If the output data sets in the procedure have storage capacity to store at least one weeks' worth of audit data, this is not a finding.

Vulnerability Number

V-224021

Documentable

False

Rule Version

TSS0-OS-000240

Severity Override Guidance

Review the SMF dump procedure in there system.

If the output data sets in the procedure have storage capacity to store at least one weeks' worth of audit data, this is not a finding.

Check Content Reference

Target Key

4102

IBM z/OS SMF collection files (system MANx data sets or LOGSTREAM DASD) must have storage capacity to store at least one weeks worth of audit data.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments