Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The NSX-T Manager must be configured to send logs to a central log server.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-251787 | TNDM-3X-000088 | SV-251787r879886_rule | Medium |
| Description |
|---|
| Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Offloading is a common process in information systems with limited audit storage capacity. |
| STIG | Date |
|---|---|
| VMware NSX-T Manager NDM Security Technical Implementation Guide | 2023-06-22 |
Details
| Check Text ( C-55247r810362_chk ) |
|---|
| From an NSX-T Manager shell, run the following command(s): > get logging-servers If any configured logging-servers are not configured with protocol of "tcp", "li-tls", or "tls" and level of "info", this is a finding. If no logging-servers are configured, this is a finding. Note: This check must be run from each NSX-T Manager as they are configured individually. |
| Fix Text (F-55201r810363_fix) |
|---|
| (Optional) From an NSX-T Manager shell, run the following command(s) to clear any existing incorrect logging-servers: > clear logging-servers From an NSX-T Manager shell, run the following command(s) to configure a tcp syslog server: > set logging-server From an NSX-T Manager shell, run the following command(s) to configure a tls syslog server: > set logging-server From an NSX-T Manager shell, run the following command(s) to configure an li-tls syslog server: > set logging-server Note: If using the protocols TLS or LI-TLS to configure a secure connection to a log server, the server and client certificates must be stored in /image/vmware/nsx/file-store on each NSX-T Manager appliance. |