STIGQter: STIG Summary: Central Log Server Security Requirements Guide, Version: 1, Release: 4, Benchmark Date: 24 Jul 2020

The Central Log Server must be configured to automatically create trouble tickets for organization-defined threats and events of interest as they are detected in real time (within seconds).

DISA Rule

SV-95899r1_rule

Vulnerability Number

V-81185

Group Title

SRG-APP-000516-AU-000360

Rule Version

SRG-APP-000516-AU-000360

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Central Log Server to automatically create trouble tickets for organization-defined threats and events of interest as they are detected in real time (within seconds).

Check Contents

Note: This is not applicable (NA) if the Central Log Server (e.g., syslog) does not perform analysis.

Examine the configuration.

Verify the Central Log Server automatically creates trouble tickets for organization-defined threats and events of interest as they are detected in real time (within seconds).

If the Central Log Server is not configured to automatically create trouble tickets for organization-defined threats and events of interest as they are detected in real time (within seconds), this is a finding.

Documentable

False

Severity Override Guidance

Note: This is not applicable (NA) if the Central Log Server (e.g., syslog) does not perform analysis.

Examine the configuration.

Verify the Central Log Server automatically creates trouble tickets for organization-defined threats and events of interest as they are detected in real time (within seconds).

If the Central Log Server is not configured to automatically create trouble tickets for organization-defined threats and events of interest as they are detected in real time (within seconds), this is a finding.

Check Content Reference

M

Target Key

3395
