STIGQter: STIG Summary: Central Log Server Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jul 2020:

The Central Log Server must be configured to allow only the Information System Security Manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be retained.

DISA Rule

SV-95831r1_rule

Vulnerability Number

V-81117

Group Title

SRG-APP-000090-AU-000070

Rule Version

SRG-APP-000090-AU-000070

Severity

CAT III

CCI(s)

• CCI-000171 - The information system allows organization-defined personnel or roles to select which auditable events are to be audited by specific components of the information system.

Weight

10

Fix Recommendation

Configure the Central Log Server to allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be retained.

Check Contents

Examine the configuration.

Verify the system is configured to allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be retained.

If the Central Log Server is not configured to allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be retained, this is a finding.

Vulnerability Number

V-81117

Documentable

False

Rule Version

SRG-APP-000090-AU-000070

Severity Override Guidance

Examine the configuration.

Verify the system is configured to allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be retained.

If the Central Log Server is not configured to allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be retained, this is a finding.

Check Content Reference

M

Target Key

3395

Comments