STIGQter: STIG Summary: Central Log Server Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jul 2020:

The Central Log Server must be configured to perform analysis of log records across multiple devices and hosts in the enclave that can be reviewed by authorized individuals.

DISA Rule

SV-95833r1_rule

Vulnerability Number

V-81119

Group Title

SRG-APP-000111-AU-000150

Rule Version

SRG-APP-000111-AU-000150

Severity

CAT III

CCI(s)

• CCI-000154 - The information system provides the capability to centrally review and analyze audit records from multiple components within the system.

Weight

10

Fix Recommendation

Configure the Central Log Server to perform analysis of log records across multiple devices and hosts in the enclave that can be reviewed by authorized individuals.

Check Contents

Examine the configuration.

Verify the system is configured to perform analysis of log records across multiple devices and hosts in the enclave that can be reviewed by authorized individuals.

If the Central Log Server is not configured to perform analysis of log records across multiple devices and hosts in the enclave that can be reviewed by authorized individuals, this is a finding.

Vulnerability Number

V-81119

Documentable

False

Rule Version

SRG-APP-000111-AU-000150

Severity Override Guidance

Examine the configuration.

Verify the system is configured to perform analysis of log records across multiple devices and hosts in the enclave that can be reviewed by authorized individuals.

If the Central Log Server is not configured to perform analysis of log records across multiple devices and hosts in the enclave that can be reviewed by authorized individuals, this is a finding.

Check Content Reference

M

Target Key

3395

Comments