STIGQter: STIG Summary: Arista MLS DCS-7000 Series NDM Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 25 Oct 2019: STIGQter: STIG Summary: Arista MLS DCS-7000 Series NDM Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 25 Oct 2019:SV-75301r1_rule
V-60845
SRG-APP-000080-NDM-000220
AMLS-NM-000170
CAT III
10
Enable logging on the switch with sufficient detail to fulfill the specifications set forth in the VulDiscussion.
To configure logging to a remote syslog server at the informational level, enter:
switch#config
switch(config)#logging host [ip address]
switch(config)#logging trap informational
Then configure the following AAA
aaa accounting commands all default start-stop logging [group radius]
Review the switch configuration and verify that logging is enabled.
If logging is not enabled or is not enabled with sufficient detail to fulfill the specifications set forth in the VulDiscussion, this is a finding.
To determine if logging is enabled, enter:
switch#show logging
The output must show logging as enabled, with a logging level of informational or debugging.
In order to ensure all user commands are captured, the following statement must be in the running config:
aaa accounting commands all default start-stop logging [group radius]
V-60845
False
AMLS-NM-000170
Review the switch configuration and verify that logging is enabled.
If logging is not enabled or is not enabled with sufficient detail to fulfill the specifications set forth in the VulDiscussion, this is a finding.
To determine if logging is enabled, enter:
switch#show logging
The output must show logging as enabled, with a logging level of informational or debugging.
In order to ensure all user commands are captured, the following statement must be in the running config:
aaa accounting commands all default start-stop logging [group radius]
M
2825