STIGQter: STIG Summary: Central Log Server Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jul 2020:

The Central Log Server must be configured to aggregate log records from organization-defined devices and hosts within its scope of coverage.

DISA Rule

SV-95821r1_rule

Vulnerability Number

V-81107

Group Title

SRG-APP-000086-AU-000020

Rule Version

SRG-APP-000086-AU-000020

Severity

CAT III

CCI(s)

• CCI-000174 - The information system compiles audit records from organization-defined information system components into a system-wide (logical or physical) audit trail that is time-correlated to within an organization-defined level of tolerance for relationship between time stamps of individual records in the audit trail.

Weight

10

Fix Recommendation

For each log server, configure the server to aggregate log records from organization-defined devices and hosts within its scope of coverage.

Check Contents

Examine the documentation that lists the scope of coverage for the specific log server being reviewed.

Verify the system is configured to aggregate log records from organization-defined devices and hosts within its scope of coverage.

If the Central Log Server is not configured to aggregate log records from organization-defined devices and hosts within its scope of coverage, this is a finding.

Vulnerability Number

V-81107

Documentable

False

Rule Version

SRG-APP-000086-AU-000020

Severity Override Guidance

Examine the documentation that lists the scope of coverage for the specific log server being reviewed.

Verify the system is configured to aggregate log records from organization-defined devices and hosts within its scope of coverage.

If the Central Log Server is not configured to aggregate log records from organization-defined devices and hosts within its scope of coverage, this is a finding.

Check Content Reference

M

Target Key

3395

Comments