The DataPower Gateway must off-load audit records onto a centralized log server.

An XCCDF Rule

Details
Profiles

Description

Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity. This does not apply to audit logs generated on behalf of the device itself (management).

ID: SV-79749r1_rule
Version: WSDP-AG-000090
Severity: Medium
References: CCI-001851
Updated: 4 days ago

Remediation Templates

Search Bar “Log Target” in the Search field >> Log target >> Event Subscription tab >> Add >> Event Category “audit” >> Minimum Event Priority event priority level >> Apply >> Apply >> Save Configuration.

If the only log target is “default-log”: Type “Log Target” in the Search field >> Log target >> Main tab >> Target Type “syslog” >> syslog Facility facility >> Local Identifier identifier >> Remote Host hostname.

The DataPower Gateway must off-load audit records onto a centralized log server.

Description

Remediation Templates

A Manual Procedure