The Cisco ASA must be configured to record time stamps for audit records that meet a granularity of one second for a minimum degree of precision.
An XCCDF Rule
Description
<VulnDiscussion>Without sufficient granularity of time stamps, it is not possible to adequately determine the chronological order of records. Time stamps generated by the application include date and time. Granularity of time measurements refers to the degree of synchronization between information system clocks and reference clocks.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-239925r961446_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Configure the ASA to include the time on all log records as shown in the example below.
ASA(config)# logging timestamp