Title

The Central Log Server must be configured to record time stamps for when log records are received by the log server that meet a granularity of one second for a minimum degree of precision. (Cat III impact)

Discussion

Without sufficient granularity of time stamps, it is not possible to adequately determine the chronological order of records. Time stamps generated by the application include date and time. Granularity of time measurements refers to the degree of synchronization between information system clocks and reference clocks. Note: The actual configuring and security requirements for NTP is handled in the host OS or NDM STIGs that are also required as part of a Central Log Server review.

Check Content

Examine the configuration. Verify the Central Log Server records time stamps for when log records are received by the log server that meet a granularity of one second for a minimum degree of precision. If the Central Log Server is not configured to record time stamps for when log records are received by the log server that meet a granularity of one second for a minimum degree of precision, this is a finding.

Fix Text

Configure the Central Log Server to record time stamps for when log records are received by the log server that meet a granularity of one second for a minimum degree of precision.

Additional Identifiers

Rule ID: SV-206505r855312_rule

Vulnerability ID: V-206505

Group Title: SRG-APP-000375

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.