Title

The application server must back up log records at least every seven days onto a different system or system component than the system or component being logged. (Cat II impact)

Discussion

Protection of log data includes assuring log data is not accidentally lost or deleted. Backing up log records to a different system or onto separate media from the system the application server is actually running on helps to assure that in the event of a catastrophic system failure, the log records will be retained.

Check Content

Review the application server configuration to determine if the application server backs up log records every seven days onto a different system or media from the system being logged. If the application server does not back up log records every seven days onto a different system or media from the system being logged, this is a finding.

Fix Text

Configure the application server to back up log records every seven days onto a different system or media from the system being logged.

Additional Identifiers

Rule ID: SV-204738r879582_rule

Vulnerability ID: V-204738

Group Title: SRG-APP-000125

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.