STIGQter: STIG Summary: Central Log Server Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jul 2020:

The Central Log Server must be configured with the organization-defined severity or criticality levels of each event that is being sent from individual devices or hosts.

DISA Rule

SV-95903r2_rule

Vulnerability Number

V-81189

Group Title

SRG-APP-000516-AU-000380

Rule Version

SRG-APP-000516-AU-000380

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the Central Log Server with the organization-defined severity or criticality levels of each event that is being sent from individual devices or hosts.

Check Contents

Obtain the site’s SSP to see which criticality levels are used for each system within the scope of the Central Log Server. Examine the configuration of the Central Log Server.

Verify the Central Log Server is configured with the organization-defined severity or criticality levels of each event that is being sent from individual devices or hosts.

If the Central Log Server is not configured with the organization-defined severity or criticality levels of each event that is being sent from individual devices or hosts, this is a finding.

Vulnerability Number

V-81189

Documentable

False

Rule Version

SRG-APP-000516-AU-000380

Severity Override Guidance

Obtain the site’s SSP to see which criticality levels are used for each system within the scope of the Central Log Server. Examine the configuration of the Central Log Server.

Verify the Central Log Server is configured with the organization-defined severity or criticality levels of each event that is being sent from individual devices or hosts.

If the Central Log Server is not configured with the organization-defined severity or criticality levels of each event that is being sent from individual devices or hosts, this is a finding.

Check Content Reference

M

Target Key

3395

Comments