STIGQter: STIG Summary: Juniper SRX SG NDM Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021

The Juniper SRX Services Gateway must generate log records containing the full-text recording of privileged commands.

DISA Rule

SV-223197r513283_rule

Vulnerability Number

V-223197

Group Title

SRG-APP-000101-NDM-000231

Rule Version

JUSX-DM-000055

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

The following commands configure syslog to record any use of any command, including privileged commands. Configure Syslog and local backup files to capture DoD-defined auditable events.

[edit]
set system syslog user * any emergency
set system syslog host <IP-syslog-server> any any
set system syslog host <IP-syslog-server> source-address <MGT-IP-Address>
set system syslog host <IP-syslog-server> log-prefix <host-name>
set system syslog file messages any info
set system syslog file messages authorization none
set system syslog file messages interactive-commands none
set system syslog file messages daemon none
set system syslog file User-Auth authorization any

set system syslog file interactive-commands interactive-commands any
set system syslog file processes daemon any
set system syslog file account-actions change-log any any
set system syslog file account-actions match "system login user"
set system syslog console any any

Check Contents

Verify logging has been enabled and configured.

[edit]
show system syslog

If at least one valid syslog host server and the syslog file names are not configured to capture "any" facility and "any" event, this is a finding.
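
An added example (not part of the STIG text): the check above applied to set-format output, as produced by `show system syslog | display set`. It assumes one reading of the finding statement: at least one host must receive `any any`, and at least one file must record the `interactive-commands` facility (or `any`) at severity `any`. The function name, sample configurations and 192.0.2.x addresses are constructed for illustration.

```python
import re

# Constructed sample modelled on the Fix Recommendation (192.0.2.x is a
# documentation address range, not a value from the STIG).
SAMPLE_OK = """\
set system syslog user * any emergency
set system syslog host 192.0.2.10 any any
set system syslog host 192.0.2.10 source-address 192.0.2.1
set system syslog file messages any info
set system syslog file messages interactive-commands none
set system syslog file interactive-commands interactive-commands any
set system syslog file account-actions match "system login user"
"""

# Constructed sample: the host only receives "info" and above, and the only
# file entry for interactive-commands suppresses it.
SAMPLE_FINDING = """\
set system syslog host 192.0.2.10 any info
set system syslog file messages any info
set system syslog file messages interactive-commands none
"""

# Exactly: set system syslog host|file <name> <facility> <severity>
ENTRY = re.compile(r"^set system syslog (host|file) (\S+) (\S+) (\S+)$")

def audit_syslog(set_output):
    """Return (is_finding, reasons) for set-format 'system syslog' lines."""
    hosts, files = set(), set()
    for line in set_output.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # other stanzas, or multi-word options such as match "..."
        kind, name, facility, severity = m.groups()
        if severity != "any":
            continue  # also skips source-address / log-prefix values and "none"
        if kind == "host" and facility == "any":
            hosts.add(name)
        elif kind == "file" and facility in ("any", "interactive-commands"):
            files.add(name)
    reasons = []
    if not hosts:
        reasons.append("no syslog host configured with 'any any'")
    if not files:
        reasons.append("no syslog file records interactive-commands at 'any'")
    return bool(reasons), reasons

if __name__ == "__main__":
    for label, text in (("ok", SAMPLE_OK), ("finding", SAMPLE_FINDING)):
        print(label, audit_syslog(text))
```
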

Documentable

False

Check Content Reference

M

Target Key

4098
