STIGQter: STIG Summary: Central Log Server Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jul 2020:

The Central Log Server must be configured to send an immediate alert to the System Administrator (SA) or Information System Security Officer (ISSO) if communication with the host and devices within its scope of coverage is lost.

DISA Rule

SV-95865r1_rule

Vulnerability Number

V-81151

Group Title

SRG-APP-000361-AU-000140

Rule Version

SRG-APP-000361-AU-000140

Severity

CAT III

CCI(s)

• CCI-001861 - The information system invokes an organization-defined system mode, in the event of organization-defined audit failures, unless an alternate audit capability exists.

Weight

10

Fix Recommendation

Configure the Central Log Server to send an immediate alert to the SA or ISSO if communication with the host and devices within its scope of coverage is lost.

Check Contents

Examine the configuration.

Verify the system is configured to send an immediate alert to the SA or ISSO if communication with the host and devices within its scope of coverage is lost.

If the Central Log Server is not configured to send an immediate alert to the SA or ISSO if communication with the host and devices within its scope of coverage is lost, this is a finding.

Vulnerability Number

V-81151

Documentable

False

Rule Version

SRG-APP-000361-AU-000140

Severity Override Guidance

Examine the configuration.

Verify the system is configured to send an immediate alert to the SA or ISSO if communication with the host and devices within its scope of coverage is lost.

If the Central Log Server is not configured to send an immediate alert to the SA or ISSO if communication with the host and devices within its scope of coverage is lost, this is a finding.

Check Content Reference

M

Target Key

3395

Comments