Skip to content

The CA API Gateway must forward all log audit log messages to the central log server.

An XCCDF Rule

Description

Protection of log data includes assuring log data is not accidentally lost or deleted. Regularly backing up audit records to a different system or onto separate media than the system being audited helps to assure, in the event of a catastrophic system failure, the audit records will be retained. This helps to ensure a compromise of the information system being audited does not also result in a compromise of the audit records.

ID
SV-86149r1_rule
Version
CAGW-DM-000130
Severity
Low
References
Updated

Remediation Templates

A Manual Procedure

Configure the CA API Gateway to forward all audit log messages to the central log server.

- Log in to CA API Gateway as root.
- Open "/etc/rsyslog.conf" for editing.
- Add a rule "*.* @@loghost.log.com" to the ruleset section of the "rsyslogd.conf" file.