The CA API Gateway must forward all log audit log messages to the central log server.
An XCCDF Rule
Description
Protection of log data includes assuring log data is not accidentally lost or deleted. Regularly backing up audit records to a different system or onto separate media than the system being audited helps to assure, in the event of a catastrophic system failure, the audit records will be retained. This helps to ensure a compromise of the information system being audited does not also result in a compromise of the audit records.
- ID
- SV-86149r1_rule
- Version
- CAGW-DM-000130
- Severity
- Low
- References
- Updated
Remediation Templates
A Manual Procedure
Configure the CA API Gateway to forward all audit log messages to the central log server.
- Log in to CA API Gateway as root.
- Open "/etc/rsyslog.conf" for editing.
- Add a rule "*.* @@loghost.log.com" to the ruleset section of the "rsyslogd.conf" file.