UCF STIG Viewer Logo

The application server must provide a report generation capability for audit reduction data.


Overview

Finding ID Version Rule ID IA Controls Severity
V-35196 SRG-APP-000114-AS-000074 SV-46483r1_rule Medium
Description
In support of audit review, analysis, and reporting requirements, audit reduction is a technique used to reduce the volume of audit records in order to facilitate a manual review. In order to identify and report on what (repetitive) data has been removed via the use of audit reduction, the application server must provide a capability to generate reports containing what values were removed by the audit reduction. Audit reduction does not alter original audit records. An audit reduction capability provides support for near real-time audit review and analysis based on policy based requirements and after-the-fact investigations of security incidents.
STIG Date
Application Server Security Requirements Guide 2013-01-08

Details

Check Text ( C-43573r1_chk )
Review the configuration settings to determine if the AS audit records can be used by a report generation capability. Review AS documentation and audit records. If the AS audit records cannot be used by a report generation capability, this is a finding.
Fix Text (F-39743r1_fix)
Configure the AS audit records to be used by a report generation capability.