STIGQter STIGQter: STIG Summary: VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018: The SLES for vRealize must shut down the information system, restart the information system, and/or notify the system administrator when anomalies in the operation of any security functions are discovered.

DISA Rule

SV-99353r1_rule

Vulnerability Number

V-88703

Group Title

SRG-OS-000447-GPOS-00201

Rule Version

VROM-SL-001335

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Edit the syslog configuration file and add an appropriate remote syslog server:

In the "/etc/syslog-ng/syslog-ng.conf" file, the remote logging entries must be uncommented and the IP address must be modified to point to the remote syslog server:

#
# Enable this and adopt IP to send log messages to a log server.
#
#destination logserver { udp("10.10.10.10" port(514)); };
#log { source(src); destination(logserver); };

Check Contents

Check the syslog configuration file for remote syslog servers:

# cat /etc/syslog-ng/syslog-ng.conf | grep logserver

If no line is returned, or the "logserver" is commented out, this is a finding.

Vulnerability Number

V-88703

Documentable

False

Rule Version

VROM-SL-001335

Severity Override Guidance

Check the syslog configuration file for remote syslog servers:

# cat /etc/syslog-ng/syslog-ng.conf | grep logserver

If no line is returned, or the "logserver" is commented out, this is a finding.

Check Content Reference

M

Target Key

3461

Comments