The ISSO must ensure application audit trails are retained for at least 1 year for applications without SAMI data, and 5 years for applications including SAMI data.

An XCCDF Rule

Details
Profiles
Prose

Description

<VulnDiscussion>Log files are a requirement to trace intruder activity or to audit user activity.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-222621r961863_rule
Severity: Medium
References: CCI-000167
Updated: 17 days ago

Retain application audit log files for one year and five years for SAMI data.

The ISSO must ensure application audit trails are retained for at least 1 year for applications without SAMI data, and 5 years for applications including SAMI data.

Description

Remediation - Manual Procedure