Skip to content

The Cisco ASA must be configured to record time stamps for audit records that meet a granularity of one second for a minimum degree of precision.

An XCCDF Rule

Description

<VulnDiscussion>Without sufficient granularity of time stamps, it is not possible to adequately determine the chronological order of records. Time stamps generated by the application include date and time. Granularity of time measurements refers to the degree of synchronization between information system clocks and reference clocks.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-239925r961446_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Configure the ASA to include the time on all log records as shown in the example below.

ASA(config)# logging timestamp