Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-34607 | SRG-NET-999999-IDPS-00214 | SV-45474r1_rule | | Low |
Description |
---|
Logging the date and time of each detected event provides a means to investigate an attack; recognize resource utilization or capacity thresholds; or identify an improperly configured IDPS. In order to establish and correlate the series of events leading up to an outage or attack, it is imperative the date and time are recorded in all log records. |
STIG | Date |
---|---|
Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide | 2012-11-19 |
Check Text (C-42823r1_chk) |
---|
Examine the aggregated sensor event log on the management console. View entries for several alerts. Verify the events being captured in the sensor logs include the date and time of each event. If the event log does not include the date and time the events occurred, this is a finding. |
Fix Text (F-38871r1_fix) |
---|
Configure the sensor event log so that entries in the logs include the date and time of the event. |
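
The check above can be repeated over a whole exported log rather than a few sampled alerts. The following is an added example, not part of the SRG: it assumes the aggregated event log is exported as text with one event per line and an ISO 8601 or syslog-style timestamp, and the function names and sample lines are constructed for illustration.

```python
import re
from datetime import datetime

# Assumed timestamp layouts (not defined by the SRG): ISO 8601 or syslog.
DATE_RE = re.compile(
    r"(?<!\d)\d{4}-\d{2}-\d{2}(?!\d)"
    r"|(?:Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)\s+\d{1,2}(?!\d)")
# Excluding neighbouring ':' keeps MAC addresses from passing as a time.
TIME_RE = re.compile(r"(?<![\d:])\d{2}:\d{2}:\d{2}(?![\d:])")

def classify(line):
    """Return 'ok' or the reason the entry fails the date-and-time check."""
    d, t = DATE_RE.search(line), TIME_RE.search(line)
    if not d and not t:
        return "missing date and time"
    if not d:
        return "missing date"
    if not t:
        return "missing time"
    try:
        if d.group()[0].isdigit():
            datetime.strptime(d.group(), "%Y-%m-%d")
        else:  # syslog dates carry no year; borrow a leap year to parse
            datetime.strptime("2000 " + d.group(), "%Y %b %d")
        datetime.strptime(t.group(), "%H:%M:%S")
    except ValueError:
        return "invalid date or time"
    return "ok"

def audit(log_text):
    """List (line number, reason) for every entry that would be a finding."""
    findings = []
    for n, line in enumerate(log_text.splitlines(), 1):
        if line.strip() and classify(line) != "ok":
            findings.append((n, classify(line)))
    return findings

# Constructed sample export, not real sensor output.
SAMPLE_LOG = """\
2012-11-19T08:15:02Z sensor01 alert sid=1001 src=10.0.0.5 dst=10.0.0.9
Nov 19 08:15:07 sensor02 alert sid=1002 src=10.0.0.6 dst=10.0.0.9
2012-11-19 sensor01 alert sid=1003 src=10.0.0.7 dst=10.0.0.9
08:16:40 sensor02 alert sid=1004 src=10.0.0.8 dst=10.0.0.9
sensor03 alert sid=1005 src=10.0.0.8 mac=00:11:22:33:44:55
2012-13-45 25:61:00 sensor01 alert sid=1006 src=10.0.0.5
"""

if __name__ == "__main__":
    for lineno, reason in audit(SAMPLE_LOG):
        print(f"line {lineno}: {reason}")
```

An empty result from `audit` means every entry carried both a date and a time; any returned line corresponds to the finding condition in the check text.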