
Audit record archive and storage do not meet minimum requirements.


Overview

Finding ID: V-7977
Version: DSN15.05
Rule ID: SV-8463r1_rule
IA Controls: ECRR-1, ECSC-1, ECTB-1, ECTP-1
Severity: Medium
Description
Requirement: The IAO will ensure that audit records (files) are stored on-line for 90 days and off-line for an additional 12 months.

Audit records provide the means for the ISSO/IAO or other designated person to investigate any suspicious activity and to hold users accountable for their actions. By storing audit records online for 90 days and offline for 12 months, the ISSO or other designated personnel will be able to investigate all suspicious activity even if the activity is not noticed immediately.

APL NOTE: The storage of log data both online and offline for a given period of time is a site responsibility. While a vendor's product may provide the required storage capacity for a sufficient number of log entries internally to satisfy the online storage requirement, it must at a minimum work in conjunction with a logging server where the logs can be collected and maintained online. The remote logging process should also be automated such that logs are collected without SA intervention. The vendor's product and the architecture in which it is implemented as a whole must support the online storage requirement. Such requirements are covered elsewhere and do not constitute a finding here.

STIG: Defense Switched Network (DSN) STIG
Date: 2015-06-30

Details

Check Text (C-7703r1_chk)
Inspect or review the required “documents on file” that are necessary for compliance with the requirement.
Fix Text (F-7552r1_fix)
Ensure audit records are stored online for 90 days and offline for 12 months.