STIGQter: STIG Summary: Central Log Server Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jul 2020:

Upon receipt of the log record from hosts and devices, the Central Log Server must be configured to record time stamps of the time of receipt that can be mapped to Coordinated Universal Time (UTC).

DISA Rule

SV-95885r1_rule

Vulnerability Number

V-81171

Group Title

SRG-APP-000374-AU-000290

Rule Version

SRG-APP-000374-AU-000290

Severity

CAT III

CCI(s)

• CCI-001890 - The information system records time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT).

Weight

10

Fix Recommendation

Configure the Central Log Server to record time stamps of the time the record was received from the host or device.

Verify the time stamp is mapped to UTC.

Check Contents

Examine the log records stored on the events server.

Verify the Central Log Server records time stamps of the time the record was received from the host or device.

Verify the time stamp is mapped to UTC.

If the Central Log Server is not configured to record time stamps of the time the record was received or the time stamp is not mapped to UTC, this is a finding.

Vulnerability Number

V-81171

Documentable

False

Rule Version

SRG-APP-000374-AU-000290

Severity Override Guidance

Examine the log records stored on the events server.

Verify the Central Log Server records time stamps of the time the record was received from the host or device.

Verify the time stamp is mapped to UTC.

If the Central Log Server is not configured to record time stamps of the time the record was received or the time stamp is not mapped to UTC, this is a finding.

Check Content Reference

M

Target Key

3395

Comments