The BlackBerry UEM server must be configured to communicate the following commands to the MDM Agent: read audit logs kept by the MD.
An XCCDF Rule
Description
<VulnDiscussion>Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. For audit logs to be useful, administrators must have the ability to view them. SFR ID: FMT_SMF.1.1(1) #19</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-224372r604136_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
This requirement is only applicable on Android devices and is configured via each Android device STIG (enabling device Auditing).
Enable device auditing for each Android device being managed by UEM using procedures in the Android STIG.