STIGQter STIGQter: STIG Summary: Solaris 10 SPARC Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The system must only use remote syslog servers (log hosts) justified and documented using site-defined procedures.

DISA Rule

SV-226983r603265_rule

Vulnerability Number

V-226983

Group Title

SRG-OS-000480

Rule Version

GEN005460

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Remove, replace, or document the referenced undocumented log host.

Check Contents

Examine the syslog.conf file for any references to remote log hosts.
# grep -v "^#" /etc/syslog.conf | grep '@'
Destination locations beginning with an @ represent log hosts. If the log host name is a local alias, such as log host, consult the /etc/hosts or other name databases as necessary to obtain the canonical name or address for the log host. Determine if the host referenced is a log host documented using site-defined procedures. If an undocumented log host is referenced, this is a finding.

Vulnerability Number

V-226983

Documentable

False

Rule Version

GEN005460

Severity Override Guidance

Examine the syslog.conf file for any references to remote log hosts.
# grep -v "^#" /etc/syslog.conf | grep '@'
Destination locations beginning with an @ represent log hosts. If the log host name is a local alias, such as log host, consult the /etc/hosts or other name databases as necessary to obtain the canonical name or address for the log host. Determine if the host referenced is a log host documented using site-defined procedures. If an undocumented log host is referenced, this is a finding.

Check Content Reference

M

Target Key

4060

Comments