Check: SRG-APP-000367-AU-000230
Central Log Server SRG:
SRG-APP-000367-AU-000230
(in versions v2 r2 through v1 r0.1)
Title
The Central Log Server must be configured to generate reports that support on-demand reporting requirements. (Cat III impact)
Discussion
The report generation capability must support on-demand reporting to facilitate the organization's ability to generate incident reports as needed to better handle larger-scale or more complex security incidents The report generation capability provided by the application must be capable of generating on-demand (i.e., customizable, ad hoc, and as-needed) reports. On-demand reporting allows personnel to report issues more rapidly to more effectively meet reporting requirements. Collecting log data and aggregating it to present the data in a single, consolidated report achieves this objective. This requirement is specific to applications with report generation capabilities; however, applications need to support on-demand reporting requirements.
Check Content
Examine the configuration. Verify the Central Log Server generates reports that support on-demand reporting requirements. If the Central Log Server is not configured to generate reports that support on-demand reporting requirements, this is a finding.
Fix Text
Configure the Central Log Server to generate reports that support on-demand reporting requirements.
Additional Identifiers
Rule ID: SV-206500r855307_rule
Vulnerability ID: V-206500
Group Title: SRG-APP-000367
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001879 |
The information system provides a report generation capability that supports on-demand reporting requirements. |
Controls
Number | Title |
---|---|
AU-7 |
Audit Reduction And Report Generation |