STIGQter STIGQter: STIG Summary: Solaris 10 SPARC Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The system syslog service must log informational and more severe SMTP service messages.

DISA Rule

SV-226937r603265_rule

Vulnerability Number

V-226937

Group Title

SRG-OS-000062

Rule Version

GEN004460

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Edit the syslog.conf file and add a configuration line specifying an appropriate destination for mail.crit syslogs.

Check Contents

Check the syslog configuration file for mail.crit logging configuration.

Procedure:
# more /etc/syslog.conf

Verify a line similar to one of the following lines is present in syslog.conf is configured so that critical mail log data is logged. (Critical log data may also be captured by a remote log host in accordance with GEN005460.)

mail.crit /var/adm/messages
*.crit /var/log/messages

Less severe syslog levels (err, warning, info, and debug) may be substituted for crit, since they will also capture crit level syslog messages. If syslog is not configured to log critical Sendmail messages, this is a finding.

Vulnerability Number

V-226937

Documentable

False

Rule Version

GEN004460

Severity Override Guidance

Check the syslog configuration file for mail.crit logging configuration.

Procedure:
# more /etc/syslog.conf

Verify a line similar to one of the following lines is present in syslog.conf is configured so that critical mail log data is logged. (Critical log data may also be captured by a remote log host in accordance with GEN005460.)

mail.crit /var/adm/messages
*.crit /var/log/messages

Less severe syslog levels (err, warning, info, and debug) may be substituted for crit, since they will also capture crit level syslog messages. If syslog is not configured to log critical Sendmail messages, this is a finding.

Check Content Reference

M

Target Key

4060

Comments