The Automation Controller must generate the appropriate log records.

An XCCDF Rule

Description

Automation Controller's web server must log all details related to user sessions in support of troubleshooting, debugging, and forensic analysis. Without a data logging feature, the organization loses an important auditing and analysis tool for event investigations. Satisfies: SRG-APP-000016-WSR-000005, SRG-APP-000095-WSR-000056, SRG-APP-000096-WSR-000057, SRG-APP-000097-WSR-000058, SRG-APP-000098-WSR-000059, SRG-APP-000098-WSR-000060, SRG-APP-000099-WSR-000061, SRG-APP-000100-WSR-000064

ID: SV-256943r960765_rule
Version: APWS-AT-000090
Severity: Medium
References: CCI-000067 CCI-000130 CCI-000131 CCI-000132 CCI-000133 CCI-000134 CCI-001487
Updated: 15 days ago

Remediation Templates

As a System Administrator, for each Automation Controller host, navigate to console Settings >> System >> Miscellaneous System.

Click "Edit".

Set the following:
Enable Activity Stream = On
Enable Activity Stream for Inventory Sync = On

Organization Admins Can Manage Users and Teams = On

All Users Visible to Organization Admins = On

Click "Save".

The Automation Controller must generate the appropriate log records.

Description

Remediation Templates

A Manual Procedure