STIGQter STIGQter: STIG Summary: IBM MQ Appliance V9.0 AS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017:

The MQ Appliance messaging server must provide a log reduction capability that supports on-demand reporting requirements.

DISA Rule

SV-89563r1_rule

Vulnerability Number

V-74889

Group Title

SRG-APP-000181-AS-000255

Rule Version

MQMH-AS-000870

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Log record aggregation and reporting for each event-logging-enabled queue manager on the MQ Appliance may be accomplished by running the following command from an authorized MQ client device:

amqsevt -m [queue mgr name] {-q SYSTEM.ADMIN.QMGR.EVENT | -q SYSTEM.ADMIN.CONFIG.EVENT | -q SYSTEM.ADMIN.PERFM.EVENT | -q SYSTEM.ADMIN.CHANNEL.EVENT | -q SYSTEM.ADMIN.COMMAND.EVENT} -c -u [user name]

Note: Any MQ monitoring solution that can connect to MQ as a client may be used to monitor event queues.

Check Contents

Confirm that the following command is available and functioning on an authorized MQ client device:

amqsevt -m [queue mgr name] {-q SYSTEM.ADMIN.QMGR.EVENT | -q SYSTEM.ADMIN.CONFIG.EVENT | -q SYSTEM.ADMIN.PERFM.EVENT | -q SYSTEM.ADMIN.CHANNEL.EVENT | -q SYSTEM.ADMIN.COMMAND.EVENT} -c -u [user name]

If an MQ client application is not enabled to monitor one or more of the above event queues, this is a finding.

Vulnerability Number

V-74889

Documentable

False

Rule Version

MQMH-AS-000870

Severity Override Guidance

Confirm that the following command is available and functioning on an authorized MQ client device:

amqsevt -m [queue mgr name] {-q SYSTEM.ADMIN.QMGR.EVENT | -q SYSTEM.ADMIN.CONFIG.EVENT | -q SYSTEM.ADMIN.PERFM.EVENT | -q SYSTEM.ADMIN.CHANNEL.EVENT | -q SYSTEM.ADMIN.COMMAND.EVENT} -c -u [user name]

If an MQ client application is not enabled to monitor one or more of the above event queues, this is a finding.

Check Content Reference

M

Target Key

3239

Comments