The ESCON Director Application Console Event log must be enabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-24343 | HLESC030 | SV-29995r1_rule | ECAT-1 ECAT-2 | High |
| Description |
|---|
| The ESCON Director Console Event log is used to record all ESCON Director Changes. Failure to create an ESCON Director Application Console Event log results in the lack of monitoring and accountability of configuration changes. In addition, its use in the execution of a contingency plan could be compromised and security degraded. |
| STIG | Date |
|---|---|
| IBM Hardware Management Console (HMC) STIG | 2013-06-26 |
Details
| Check Text ( C-2770r2_chk ) |
|---|
| Verify on the ESCON Director Application Console that the Event log is in use. If no Event log exists, this is a FINDING. |
| Fix Text (F-2356r1_fix) |
|---|
| Ensure that an ESCON Director Application Console log is created and in use every time the system is switched on. The ESCON Director maintains an audit trail at the ESCD console’s fixed disk. This audit trail logs the time, date, and password identification when changes have been made to the ESCON Director. |