STIGQter: STIG Summary: Juniper SRX SG NDM Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

The Juniper SRX Services Gateway must generate log records when logon events occur.

DISA Rule

SV-223194r513274_rule

Vulnerability Number

V-223194

Group Title

SRG-APP-000503-NDM-000320

Rule Version

JUSX-DM-000043

Severity

CAT III

CCI(s)

• CCI-000172 - The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3.

Weight

10

Fix Recommendation

Configure at least one external syslog host to log facility any and severity info or any.

[edit system syslog]
set host <syslog server address> any <info | any>

Check Contents

Verify the device generates a log when login events occur.

[edit]
show system syslog

host <syslog server address> {
any <info | any>;
source-address <device address>;
}

If an external syslog host is not configured to log, or configured for facility any severity <info | any>, this is a finding.

Vulnerability Number

V-223194

Documentable

False

Rule Version

JUSX-DM-000043

Severity Override Guidance

Verify the device generates a log when login events occur.

[edit]
show system syslog

host <syslog server address> {
any <info | any>;
source-address <device address>;
}

If an external syslog host is not configured to log, or configured for facility any severity <info | any>, this is a finding.

Check Content Reference

M

Target Key

4098

Comments