Skip to content
Log In

CCI-001348

Store audit records on an organization-defined frequency in a repository that is part of a physically different system or system component that the system or component being audited.

Ensure Logs Sent To Remote Host

7 rules found Severity: Medium

Logo

The A10 Networks ADC must back up audit records at least every seven days onto a different system or system component than the system or component being audited.

1 rule found Severity: Low

Logo

The CA API Gateway must forward all log audit log messages to the central log server.

1 rule found Severity: Low

Logo

The DBN-6300 must back up audit records at least every seven days onto a different system or system component than the system or component being audited.

1 rule found Severity: Low

Logo

If any logs are stored locally which are not sent to the centralized audit server, CounterACT must back up audit records at least every seven days onto a different system or system component than the system or component being audited.

1 rule found Severity: Medium

Logo

The Infoblox system audit records must be backed up at least every seven days onto a different system or system component than the system or component being audited.

2 rules found Severity: Medium

Logo

The DataPower Gateway must back up audit records at least every seven days onto a different system or system component than the system or component being audited.

1 rule found Severity: Low

Logo

The MQ Appliance messaging server must be configured to fail over to another system in the event of log subsystem failure.

1 rule found Severity: Medium

Logo

The MQ Appliance network device must back up audit records at least every seven days onto a different system or system component than the system or component being audited.

1 rule found Severity: Medium

Logo

The Ivanti MobileIron Core server must back up audit records at least every seven days onto a log management server.

1 rule found Severity: Medium

Logo

The ISEC7 EMM Suite must back up audit records at least every seven days onto a different system or system component than the system or component being audited, provide centralized management and configuration of the content to be captured in audit records generated by all ISEC7 EMM Suite components, and off-load audit records onto a different system or media than the system being audited.

1 rule found Severity: Medium

Logo

Exchange must have Audit data on separate partitions.

1 rule found Severity: Low

Logo

Exchange Audit data must be on separate partitions.

2 rules found Severity: Medium

Logo

Exchange audit data must be on separate partitions.

4 rules found Severity: Medium

Logo

The Windows 2012 DNS Servers audit records must be backed up at least every seven days onto a different system or system component than the system or component being audited.

1 rule found Severity: Medium

Logo

The log data and records from OHS must be backed up onto a different system or media.

1 rule found Severity: Medium

Logo

The SEL-2740S must be configured to send log data to a Syslog server or collected by another parent OTSDN Controller.

1 rule found Severity: Medium

Logo

Symantec ProxySG must back up event logs onto a different system or system component than the system or component being audited.

1 rule found Severity: Medium

Logo

The Tanium operating system (TanOS) must offload audit records onto a different system or media than the system being audited.

2 rules found Severity: Medium

Logo

The BIND 9.x server implementation must not be configured with a channel to send audit records to null.

1 rule found Severity: Low

Logo

The BIND 9.x server implementation must be configured with a channel to send audit records to a remote syslog.

1 rule found Severity: Low

Logo

The BIND 9.x server implementation must be configured with a channel to send audit records to a local file.

1 rule found Severity: Low

Logo

The BIND 9.x server implementation must maintain at least 3 file versions of the local log file.

1 rule found Severity: Low

Logo

The DNS server implementations audit records must be backed up at least every seven days onto a different system or system component than the system or component being audited.

1 rule found Severity: Medium

Logo

SSMC web server must generate information to be used by external applications or entities to monitor and control remote access.

1 rule found Severity: Medium

Logo

Hardware Management Console audit record content data must be backed up.

1 rule found Severity: Medium

Logo

The ISEC7 SPHERE must back up audit records at least every seven days onto a different system or system component than the system or component being audited, provide centralized management and configuration of the content to be captured in audit records generated by all ISEC7 SPHERE components, and offload audit records onto a different system or media than the system being audited.

1 rule found Severity: Medium

Logo

The Ivanti EPMM server must back up audit records at least every seven days onto a log management server.

1 rule found Severity: Medium

Logo

JBoss log records must be off-loaded onto a different system or system component a minimum of every seven days.

1 rule found Severity: Medium

Logo

The log data and records from the IIS 10.0 web server must be backed up onto a different system or media.

1 rule found Severity: Medium

Logo

Microsoft Intune service must be configured to transfer Intune logs to another server for storage, analysis, and reporting at least every seven days.

1 rule found Severity: Medium

Logo

The Windows DNS Server audit records must be backed up at least every seven days onto a different system or system component than the system or component being audited.

1 rule found Severity: Medium

Logo

Automation Controller must use external log providers that can collect user activity logs in independent, protected repositories to prevent modification or repudiation.

1 rule found Severity: Medium

Logo

Splunk Enterprise must be configured to back up the log records repository at least every seven days onto a different system or system component other than the system or component being audited.

2 rules found Severity: Low

Logo

The log data and records from the web server must be backed up onto a different system or media.

1 rule found Severity: Medium

Logo

The log data and records from the Apache web server must be backed up onto a different system or media.

2 rules found Severity: Medium

Logo

The application server must back up log records at least every seven days onto a different system or system component than the system or component being logged.

1 rule found Severity: Medium

Logo

The application must back up audit records at least every seven days onto a different system or system component than the system or component being audited.

1 rule found Severity: Medium

Logo

The Central Log Server must be configured to back up the log records repository at least every seven days onto a different system or system component other than the system or component being audited.

1 rule found Severity: Low

Logo

The Central Log Server system backups must be retained for a minimum of 5 years for SAMI (Sources and Methods Information) and a minimum of 7 days for non-SAMI on media capable of guaranteeing file integrity for the minimum applicable information retention period.

1 rule found Severity: Low

Logo

The Dragos Platform must be configured to send backup audit records.

1 rule found Severity: Medium

Logo

The operating system must back up audit records at least every seven days onto a different system or system component than the system or component being audited.

2 rules found Severity: Medium

Logo

The UEM server must back up audit records at least every seven days onto a log management server.

1 rule found Severity: Medium

Logo

The rsyslog must be configured to monitor VAMI logs.

1 rule found Severity: Medium

Logo

Lookup Service log files must be offloaded to a central log server in real time.

1 rule found Severity: Medium

Logo

Rsyslog must be configured to monitor and ship ESX Agent Manager log files.

1 rule found Severity: Medium

Logo

Rsyslog must be configured to monitor and ship Performance Charts log files.

1 rule found Severity: Medium

Logo

Security Token Service log data and records must be backed up onto a different system or media.

1 rule found Severity: Medium

Logo

The vCenter Rhttpproxy service log files must be sent to a central log server.

2 rules found Severity: Medium

Logo

vSphere UI log files must be moved to a permanent repository in accordance with site policy.

1 rule found Severity: Medium

Logo

The vCenter VAMI service must off-load log records onto a different system or media from the system being logged.

2 rules found Severity: Medium

Logo