STIGQter STIGQter: STIG Summary: CA API Gateway NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 19 Sep 2016: The CA API Gateway must forward all log audit log messages to the central log server.

DISA Rule

SV-86149r1_rule

Vulnerability Number

V-71525

Group Title

SRG-APP-000125-NDM-000241

Rule Version

CAGW-DM-000130

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Configure the CA API Gateway to forward all audit log messages to the central log server.

- Log in to CA API Gateway as root.
- Open "/etc/rsyslog.conf" for editing.
- Add a rule "*.* @@loghost.log.com" to the ruleset section of the "rsyslogd.conf" file.

Check Contents

Verify the CA API Gateway forwards all log audit log messages to the central log server.

Within the "/etc/rsyslog.conf" file, confirm a rule in the format "*.* @@loghost.log.com" is in the ruleset section.

If the CA API Gateway "/etc/rsyslog.conf" file does not have a rule in the format "*.* @@loghost.log.com" in the ruleset section, this is a finding.

Vulnerability Number

V-71525

Documentable

False

Rule Version

CAGW-DM-000130

Severity Override Guidance

Verify the CA API Gateway forwards all log audit log messages to the central log server.

Within the "/etc/rsyslog.conf" file, confirm a rule in the format "*.* @@loghost.log.com" is in the ruleset section.

If the CA API Gateway "/etc/rsyslog.conf" file does not have a rule in the format "*.* @@loghost.log.com" in the ruleset section, this is a finding.

Check Content Reference

M

Target Key

3051

Comments