STIGQter: STIG Summary: Central Log Server Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jul 2020:

The Central Log Server log records must be configured to use the syslog protocol or another industry standard format (e.g., Windows event protocol) that can be used by typical analysis tools.

DISA Rule

SV-95827r1_rule

Vulnerability Number

V-81113

Group Title

SRG-APP-000088-AU-000040

Rule Version

SRG-APP-000088-AU-000040

Severity

CAT III

CCI(s)

• CCI-001353 - The information system produces a system-wide (logical or physical) audit trail composed of audit records in a standardized format.

Weight

10

Fix Recommendation

Configure the Central Log Server log records to use the syslog protocol or another industry standard format (e.g., Windows event protocol) that can be used by typical analysis tools.

Check Contents

Examine the configuration.

Verify log records are configured to use the syslog protocol or another industry standard format (e.g., Windows event protocol) that can be used by a typical analysis tools.

If the Central Log Server log records are not configured to use the syslog protocol or another industry standard format (e.g., Windows event protocol) that can be used by typical analysis tools, this is a finding.

Vulnerability Number

V-81113

Documentable

False

Rule Version

SRG-APP-000088-AU-000040

Severity Override Guidance

Examine the configuration.

Verify log records are configured to use the syslog protocol or another industry standard format (e.g., Windows event protocol) that can be used by a typical analysis tools.

If the Central Log Server log records are not configured to use the syslog protocol or another industry standard format (e.g., Windows event protocol) that can be used by typical analysis tools, this is a finding.

Check Content Reference

M

Target Key

3395

Comments