STIGQter: STIG Summary: Juniper SRX SG NDM Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

The Juniper SRX Services Gateway must generate an immediate system alert message to the management console when a log processing failure is detected.

DISA Rule

SV-223199r513289_rule

Vulnerability Number

V-223199

Group Title

SRG-APP-000360-NDM-000295

Rule Version

JUSX-DM-000059

Severity

CAT II

CCI(s)

• CCI-001858 - The information system provides a real-time alert in an organization-defined real-time period to organization-defined personnel, roles, and/or locations when organization-defined audit failure events requiring real-time alerts occur.

Weight

10

Fix Recommendation

The following commands configure syslog to immediately display any emergency level or daemon alert events to the management console. The message will display on any currently logged on administrator's console. This is an example method. Alerts must be sent immediately to the designated individuals (e.g., via Syslog configuration, SNMP trap, manned console message, or other events monitoring system).

[edit]
set system syslog user * any emergency
set system syslog user * daemon alert
set system syslog user * daemon critical

Check Contents

Verify the system Syslog has been configured to display an alert on the console for the emergency and critical levels of the daemon facility.

[edit]
show system syslog

If the system is not configured to generate a system alert message when a component failure is detected, this is a finding.

Vulnerability Number

V-223199

Documentable

False

Rule Version

JUSX-DM-000059

Severity Override Guidance

Verify the system Syslog has been configured to display an alert on the console for the emergency and critical levels of the daemon facility.

[edit]
show system syslog

If the system is not configured to generate a system alert message when a component failure is detected, this is a finding.

Check Content Reference

M

Target Key

4098

Comments