UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The firewall implementation must produce application event log records containing sufficient information to establish when the events occurred.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-999999-FW-000189 SRG-NET-999999-FW-000189 SRG-NET-999999-FW-000189_rule Low
Description
Logging the date and time of each detected event provides a means to investigate an attack; recognize resource utilization or capacity thresholds; or identify an improperly configured firewall. In order to establish and correlate the series of events leading up to an outage or attack, it is imperative the date and time are recorded in all log records.
STIG Date
Firewall Security Requirements Guide 2012-12-10

Details

Check Text ( C-SRG-NET-999999-FW-000189_chk )
Examine the aggregated firewall application event log on the management console.
View entries for several alerts.
Verify the events being captured in the application logs include the date and time of each event.

If the firewall implementation event log does not include the date and time the events occurred, this is a finding.
Fix Text (F-SRG-NET-999999-FW-000189_fix)
Configure the firewall implementation event log, so entries in the logs include the date and time of the event.