VirtualCenter logs are reviewed daily.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15881 | ESX0820 | SV-16822r1_rule | Medium |
| Description |
|---|
| It is necessary to review VirtualCenter logs for suspicious activity, problems, attacks, or system warnings will go undetected. These logs provide visibility into the activities and events of the VirtualCenter. These logs enable system administrators and auditors the ability to recreate past events, monitor the system, and ensure security policies are being enforced. |
| STIG | Date |
|---|---|
| VMware ESX 3 Policy | 2016-05-03 |
Details
| Check Text ( C-16240r1_chk ) |
|---|
| Ask the IAO/SA how often they review the VirtualCenter logs. VirtualCenter logs include System Logs and Events. If the logs are not reviewed daily, this is a finding. |
| Fix Text (F-15841r1_fix) |
|---|
| Review the VirtualCenter logs daily. |