STIGQter: STIG Summary: IBM MQ Appliance v9.0 NDM Security Technical Implementation Guide, Version: 1, Release: 1, Benchmark Date: 05 Jun 2017

The MQ Appliance network device must generate audit records when concurrent logons from different workstations occur.

DISA Rule

SV-89683r1_rule

Vulnerability Number

V-75009

Group Title

SRG-APP-000506-NDM-000323

Rule Version

MQMH-ND-001370

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Log on to the MQ Appliance CLI as a privileged user.

To enter global configuration mode, enter "config".

To create a syslog target, enter:
logging target <logging target name>
type syslog
admin-state enabled
local-address <MQ Appliance IP>
remote-address <syslog server IP>
remote-port <syslog server port>
event audit info
event auth notice
event mgmt notice
event cli notice
event user notice
event system error
exit
write mem
y

Check Contents

Log on to the MQ Appliance CLI as a privileged user.

Enter:
co
show logging target

All configured logging targets will be displayed. Verify:
- This list includes a remote syslog notification target; and
- It includes all desired log event source and log level parameters:
event audit info
event auth notice
event mgmt notice
event cli notice
event user notice
event system error

Log on to the MQ Appliance from two different workstations simultaneously.

Request a copy of the audit logs and verify both events were recorded in the logs.

If log events were not created, this is a finding.
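
The configuration half of this check can be scripted. The following is an added example, not part of the STIG or of IBM's tooling: it parses logging target stanzas written in the same form as the Fix Recommendation commands and reports which required event subscriptions are missing or too coarse. The sample stanza, the target name and the address are constructed, and treating a more verbose level as satisfying a required one is an assumption.

```python
import re
# Event subscriptions required by the check text: category -> level.
REQUIRED = {"audit": "info", "auth": "notice", "mgmt": "notice",
            "cli": "notice", "user": "notice", "system": "error"}
# Verbosity rank of the three levels used on this page (syslog order).
RANK = {"error": 0, "notice": 1, "info": 2}
# Constructed sample: auth is too coarse and the user event is absent.
SAMPLE = """\
logging target siem
 type syslog
 admin-state enabled
 event audit info
 event auth error
 event mgmt notice
 event cli notice
 event system error
exit
"""

def parse_targets(text):
    """Parse 'logging target <name> ... exit' stanzas into dicts."""
    targets, cur = {}, None
    for line in map(str.strip, text.splitlines()):
        m = re.match(r"logging target\s+(\S+)$", line)
        if m:
            cur = targets.setdefault(m.group(1), {"events": {}})
        elif cur is None or not line:
            continue  # outside a stanza (e.g. "write mem") or blank
        elif line == "exit":
            cur = None
        elif line.startswith("event ") and len(line.split()) == 3:
            cur["events"][line.split()[1]] = line.split()[2]
        else:
            key, _, value = line.partition(" ")
            cur[key] = value.strip()
    return targets

def audit_target(target):
    """Return a list of problems; an empty list means the stanza passes."""
    problems = [f"{k} is not {v}" for k, v in
                (("type", "syslog"), ("admin-state", "enabled"))
                if target.get(k) != v]
    for cat, need in REQUIRED.items():
        have = target["events"].get(cat)
        if have is None:
            problems.append(f"missing: event {cat} {need}")
        elif RANK.get(have, -1) < RANK[need]:  # unknown levels fail
            problems.append(f"too coarse: event {cat} {have} (need {need})")
    return problems
```

A passing stanza only shows the appliance is configured to forward the events; the two-workstation logon test and the audit log review are still required.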

Documentable

False

Check Content Reference

M

Target Key

3243

Comments