UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

tc Server ALL must use a logging mechanism that is configured to provide a warning to the ISSO and SA when allocated record storage volume reaches 75% of maximum log record storage capacity.


Overview

Finding ID Version Rule ID IA Controls Severity
V-89041 VROM-TC-000795 SV-99691r1_rule Medium
Description
It is critical for the appropriate personnel to be aware if a system is at risk of failing to process logs as required. Log processing failures include: software/hardware errors, failures in the log capturing mechanisms, and log storage capacity being reached or exceeded. If log capacity were to be exceeded, then events subsequently occurring would not be recorded. Organizations must define a maximum allowable percentage of storage capacity serving as an alarming threshold (e.g., web server has exceeded 75% of log storage capacity allocated), at which time the web server or the logging mechanism the web server utilizes will provide a warning to the ISSO and SA at a minimum. This requirement can be met by configuring the web server to utilize a dedicated log tool that meets this requirement.
STIG Date
VMware vRealize Operations Manager 6.x tc Server Security Technical Implementation Guide 2018-10-12

Details

Check Text ( C-88733r1_chk )
Obtain supporting documentation from the ISSO.

Review site documentation and system configuration.

Determine if the system has a logging mechanism that will provide a warning to the ISSO and SA when allocated record storage volume reaches 75% of maximum log record storage capacity.

If such an alert mechanism is not in use, this is a finding.
Fix Text (F-95783r1_fix)
Configure the tc Server ALL logging mechanism to alert the ISSO/SA when the logs have reached 75% of storage capacity.