Free DISA STIG and SRG Library | Vaulted

V-35216

The application server must back up log records at least every seven days onto a different system or system component than the system or component being logged.

Finding ID
SRG-APP-000125-AS-000084
Rule ID
SV-46503r3_rule
Severity
Cat II
CCE
(None)
Group Title
SRG-APP-000125-AS-000084
CCI
CCI-001348
Target Key
(None)
Documentable
No
Discussion

Protection of log data includes assuring log data is not accidentally lost or deleted. Backing up log records to a different system or onto separate media from the system the application server is actually running on helps to assure that in the event of a catastrophic system failure, the log records will be retained.

Fix Text

Configure the application server to back up log records every seven days onto a different system or media from the system being logged.

Check Content

Review the application server configuration to determine if the application server backs up log records every seven days onto a different system or media from the system being logged. If the application server does not back up log records every seven days onto a different system or media from the system being logged, this is a finding.