Audit logs will be reviewed on a daily basis.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-3491 | 1.029 | SV-32267r1_rule | ECAT-1 ECAT-2 | Medium |
| Description |
|---|
| To be of value, audit logs from servers and other critical systems will be reviewed on a daily basis to identify security breaches and potential weaknesses in the security structure. This can be done with the use of monitoring software or other utilities for this purpose. |
| STIG | Date |
|---|---|
| Windows Server 2008 R2 Domain Controller Security Technical Implementation Guide | 2012-07-02 |
Details
| Check Text ( C-3244r1_chk ) |
|---|
| Servers and other critical systems will be reviewed on a daily basis to identify possible security breaches and weakness. The site will have a policy to that requires this. Note: This can be done with the use of monitoring software or other utilities for this purpose. |
| Fix Text (F-6578r1_fix) |
|---|
| Create a site policy that mandates review of audit logs. |