STIGQter: STIG Summary: Application Security and Development Security Technical Implementation Guide Version: 5 Release: 1 Benchmark Date: 23 Oct 2020:

The application must provide the capability to centrally review and analyze audit records from multiple components within the system.

DISA Rule

SV-222487r508029_rule

Vulnerability Number

V-222487

Group Title

SRG-APP-000111

Rule Version

APSC-DV-001130

Severity

CAT II

CCI(s)

CCI-000154 - The information system provides the capability to centrally review and analyze audit records from multiple components within the system.

Weight

Fix Recommendation

Configure the application so all of the applications logs are available for review from one centralized location.

Check Contents

Review system documentation and interview application administrator for details regarding application architecture and logging configuration. Identify the application components, the logs that are associated with the components and the locations of the logs.

If the application utilizes a centralized logging system that provides the capability to review the log files from one central location, this requirement is not applicable.

Access the application's log management utility and review the log files. Ensure all of the applications logs are reviewable from within the centralized log management function and access to other systems in order to review application logs are not required.

If all of the application logs are not reviewable from a central location, this is a finding.

The application must provide the capability to centrally review and analyze audit records from multiple components within the system.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments