Navigate

Check: SRG-APP-000375-AS-000211

Application Server SRG: SRG-APP-000375-AS-000211 (in versions v3 r4 through v2 r2)

Title

The application server must record time stamps for log records that meet a granularity of one second for a minimum degree of precision. (Cat II impact)

Discussion

To investigate an incident, the log records should be easily put into chronological order. Without sufficient granularity of time stamps, the chronological order cannot be determined. Time stamps generated by the application server include date and time. Granularity of time measurements refers to the degree of synchronization between information system clocks and reference clocks.

Check Content

Review the application server documentation and configuration files to determine if time stamps for log records meet a granularity of one second. If the time stamp cannot generate to a one-second granularity, this is a finding.

Fix Text

Configure the application server to use time stamps for log records that can meet a granularity of one second.

Additional Identifiers

Rule ID: SV-204795r879748_rule

Vulnerability ID: V-204795

Group Title: SRG-APP-000375

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-001889	The information system records time stamps for audit records that meet organization-defined granularity of time measurement.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
AU-8	Time Stamps