An error occurred:

Check: SRG-APP-000745-AU-000120

Central Log Server SRG: SRG-APP-000745-AU-000120 (in versions v3 r2 through v3 r1)

Title

The Central Log Server must implement the capability to centrally review and analyze audit records from multiple components within the system. (Cat II impact)

Discussion

Automated mechanisms for centralized reviews and analyses include security information and event management products.

Check Content

Verify the Central Log Server is configured to implement the capability to centrally review and analyze audit records from multiple components within the system. If the Central Log Server is not configured to implement the capability to centrally review and analyze audit records from multiple components within the system, this is a finding.

Fix Text

Configure the Central Log Server to implement the capability to centrally review and analyze audit records from multiple components within the system.

Additional Identifiers

Rule ID: SV-263558r982403_rule

Vulnerability ID: V-263558

Group Title: SRG-APP-000745

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-003821

Implement the capability to centrally review and analyze audit records from multiple components within the system.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
No controls are assigned to this check