The CA API Gateway must off-load audit records onto a centralized log server.
An XCCDF Rule
Description
Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity. The CA API Gateway must include a method for off-loading audit records onto a centralized log server, including External Audit Stores and Centralized Syslog Servers.
- ID
- SV-86051r1_rule
- Version
- CAGW-GW-000590
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Open the CA API Gateway - Policy Manager.
Select "Tasks" and chose "Manage Log/Audit Sinks".
Double-click the "ssg" log and change the "Type:" to "Syslog".
Click "Syslog Settings" and specify the settings for the Centralized Syslog Server as defined by the organization.