A minimum of two syslog servers must be deployed in the management network.
An XCCDF Rule
Description
Maintaining an audit trail of system activity logs can help identify configuration errors, understand past intrusions, troubleshoot service disruptions, and react to probes and scans of the network.
- ID
- SV-251373r916119_rule
- Version
- NET1025
- Severity
- Low
- References
- Updated
Remediation Templates
A Manual Procedure
Stand up at least two syslog servers and connect them to the management network. Configure all managed network elements to send syslog data to the syslog servers.