Free DISA STIG and SRG Library | Vaulted

V-81191

Analysis, viewing, and indexing functions, services, and applications used as part of the Central Log Server must be configured to comply with DoD-trusted path and access requirements.

Finding ID
SRG-APP-000516-AU-000410
Rule ID
SV-95905r1_rule
Severity
Cat II
CCE
(None)
Group Title
SRG-APP-000516-AU-000410
CCI
CCI-000366
Target Key
(None)
Documentable
No
Discussion

Analysis, viewing, and indexing functions, services, and applications, such as analysis tools and other vendor-provided applications, must be secured. Software used to perform additional functions, which resides on the server, must also be secured or could provide a vector for unauthorized access to the events repository.

Fix Text

Configure all analysis, viewing, and indexing functions, services, and applications used with the Central Log Server to comply with DoD-trusted path and access requirements.

Check Content

Examine the configuration. Verify analysis, viewing, and indexing functions, services, and applications used with the Central Log Server are configured to comply with DoD-trusted path and access requirements. If analysis, viewing, and indexing functions, services, and applications used with the Central Log Server are not configured to comply with DoD-trusted path and access requirements, this is a finding.