Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-81177 | SRG-APP-000515-AU-000110 | SV-95891r1_rule | Low |
Description |
---|
Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity. Although this may be part of the operating system function, for the enterprise events management system, this is most often a function managed through the application since it is a critical function and requires the use of a large amount of external storage. |
STIG | Date |
---|---|
Central Log Server Security Requirements Guide | 2020-06-22 |
Check Text ( C-80841r1_chk ) |
---|
Note: This is not applicable (NA) if an external application or operating system manages this function. Examine the configuration. Verify the system is configured to off-load interconnected systems in real time and off-load standalone systems weekly, at a minimum. If the Central Log Server is not configured to off-load interconnected systems in real time and off-load standalone systems weekly, at a minimum, this is a finding. |
Fix Text (F-87953r1_fix) |
---|
Configure the Central Log Server to off-load interconnected systems in real time and off-load standalone systems weekly, at a minimum. |