Audit log reduction must be enabled on the IDPS.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000093-IDPS-000096 | SRG-NET-000093-IDPS-000096 | SRG-NET-000093-IDPS-000096_rule | Low |
| Description |
|---|
| Log reduction is the capability of a system to consolidate, archive and compress audit logs. This process saves space when saving these logs over a long time period. Log entries must not be removed from the log in order to reduce the size; however, the file may be compressed. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43225_chk ) |
|---|
| Verify the management console has the capability to consolidate, archive and/or compress audit logs. Verify this audit reduction capability is enabled. If the management console does not have audit reduction enabled, this is a finding. |
| Fix Text (F-43225_fix) |
|---|
| Enable audit reduction on the management console for audit log storage. |