STIGQter: STIG Summary: Arista MLS DCS-7000 Series NDM Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 25 Oct 2019:

The Arista Multilayer Switch must generate audit records showing starting and ending time for administrator access to the system.

DISA Rule

SV-75333r1_rule

Vulnerability Number

V-60875

Group Title

SRG-APP-000505-NDM-000322

Rule Version

AMLS-NM-000370

Severity

CAT II

CCI(s)

• CCI-000172 - The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3.

Weight

10

Fix Recommendation

Configure the network device to generate audit records showing starting and ending time for administrator access to the system.

Enable logging level 6 to ensure this event is captured.

Switch(config)#logging trap 6
switch(config)#logging level all 6

Check Contents

Determine if the network device generates audit records showing starting and ending time for administrator access to the system.

If the network device does not generate audit records showing starting and ending time for administrator access to the system, this is a finding.

Verify by reviewing log files to show start and end times for administrator access to the system via the "show logging" command.

Vulnerability Number

V-60875

Documentable

False

Rule Version

AMLS-NM-000370

Severity Override Guidance

Determine if the network device generates audit records showing starting and ending time for administrator access to the system.

If the network device does not generate audit records showing starting and ending time for administrator access to the system, this is a finding.

Verify by reviewing log files to show start and end times for administrator access to the system via the "show logging" command.

Check Content Reference

M

Target Key

2825

Comments