Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-57425 | SRG-APP-000515-AS-000203 | SV-71697r2_rule | | Medium |
Description |
---|
Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Protecting log data is important during a forensic investigation to ensure investigators can track and understand what may have occurred. Off-loading should be set up as a scheduled task but can be configured to be run manually, if other processes during the off-loading are manual. Off-loading is a common process in information systems with limited log storage capacity. |
STIG | Date |
---|---|
Application Server Security Requirements Guide | 2018-01-08 |
Check Text (C-58101r1_chk) |
---|
Verify the log records are being off-loaded, at a minimum, in real time for interconnected systems and weekly for standalone systems. If the application server is not meeting these requirements, this is a finding. |
Fix Text (F-62463r1_fix) |
---|
Configure the application server to off-load log records in real time for interconnected systems and weekly for standalone systems. |