Analysis, viewing, and indexing functions, services, and applications used as part of the Central Log Server must be configured to comply with DoD-trusted path and access requirements.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-81191	SRG-APP-000516-AU-000410	SV-95905r1_rule		Medium

Description
Analysis, viewing, and indexing functions, services, and applications, such as analysis tools and other vendor-provided applications, must be secured. Software used to perform additional functions, which resides on the server, must also be secured or could provide a vector for unauthorized access to the events repository.

STIG	Date
Central Log Server Security Requirements Guide	2020-06-22

Details

Check Text ( C-80859r1_chk )
Examine the configuration. Verify analysis, viewing, and indexing functions, services, and applications used with the Central Log Server are configured to comply with DoD-trusted path and access requirements. If analysis, viewing, and indexing functions, services, and applications used with the Central Log Server are not configured to comply with DoD-trusted path and access requirements, this is a finding.

Check Text ( C-80859r1_chk )

Examine the configuration.

Verify analysis, viewing, and indexing functions, services, and applications used with the Central Log Server are configured to comply with DoD-trusted path and access requirements.

If analysis, viewing, and indexing functions, services, and applications used with the Central Log Server are not configured to comply with DoD-trusted path and access requirements, this is a finding.

Fix Text (F-87967r1_fix)
Configure all analysis, viewing, and indexing functions, services, and applications used with the Central Log Server to comply with DoD-trusted path and access requirements.