STIGQter STIGQter: STIG Summary: VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The SLES for vRealize must notify System Administrators and Information System Security Officers when accounts are modified.

DISA Rule

SV-99295r1_rule

Vulnerability Number

V-88645

Group Title

SRG-OS-000275-GPOS-00105

Rule Version

VROM-SL-000915

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Edit the syslog configuration file and add an appropriate remote syslog server:

In the "/etc/syslog-ng/syslog-ng.conf" file, the remote logging entries must be uncommented and the IP address must be modified to point to the remote syslog server:

#
# Enable this and adopt IP to send log messages to a log server.
#
#destination logserver { udp("10.10.10.10" port(514)); };
#log { source(src); destination(logserver); };

Check Contents

Check the syslog configuration file for remote syslog servers:

# cat /etc/syslog-ng/syslog-ng.conf | grep logserver

If no line is returned, or the "logserver" is commented out, this is a finding.

Vulnerability Number

V-88645

Documentable

False

Rule Version

VROM-SL-000915

Severity Override Guidance

Check the syslog configuration file for remote syslog servers:

# cat /etc/syslog-ng/syslog-ng.conf | grep logserver

If no line is returned, or the "logserver" is commented out, this is a finding.

Check Content Reference

M

Target Key

3461

Comments