Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-66351 | NET1026 | SV-80841r1_rule | Low |
Description |
---|
Logging is a critical part of router security. Maintaining an audit trail of system activity logs (syslog) can help identify configuration errors, understand past intrusions, troubleshoot service disruptions, and react to probes and scans of the network. |
STIG | Date |
---|---|
Network Infrastructure Policy Security Technical Implementation Guide | 2019-09-30 |
Check Text ( C-66997r1_chk ) |
---|
Examine the syslog server to verify that it is configured to store messages for at least 30 days. Have the administrator show you the syslog files stored offline for one year. If the syslog messages are not kept online for thirty days and offline for one year, this is a finding. |
Fix Text (F-72427r1_fix) |
---|
Configure the syslog server to store messages for at least 30 days on-line. The administrator must establish a strategy for storing the logs off-line for minimum of 1 year. |