STIGQter STIGQter: STIG Summary: Juniper SRX SG ALG Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 26 Jul 2019: In the event that communications with the Syslog server is lost, the Juniper SRX Services Gateway must continue to queue traffic log records locally.

DISA Rule

SV-80799r1_rule

Vulnerability Number

V-66309

Group Title

SRG-NET-000089-ALG-000055

Rule Version

JUSX-AG-000063

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

The following example commands configure local backup files to capture DoD-defined auditable events.

[edit]
set system syslog file <LOG-NAME> any info
set system syslog file <LOG-NAME> match "RT_FLOW_SESSION "

Example:
set system syslog file<LOG-NAME> match "RT_FLOW_SESSION "

Check Contents

Verify logging has been enabled and configured.

[edit]
show log <LOG-NAME> match "RT_FLOW_SESSION"

If a local log file or files is not configured to capture "RT_FLOW_SESSION" events, this is a finding.

Vulnerability Number

V-66309

Documentable

False

Rule Version

JUSX-AG-000063

Severity Override Guidance

Verify logging has been enabled and configured.

[edit]
show log <LOG-NAME> match "RT_FLOW_SESSION"

If a local log file or files is not configured to capture "RT_FLOW_SESSION" events, this is a finding.

Check Content Reference

M

Target Key

3035

Comments