Nutanix AOS must offload audit records to a syslog server.

An XCCDF Rule

Details
Profiles

Description

Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Offloading is a common process in information systems with limited audit storage capacity. Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224

ID: SV-254179r846625_rule
Version: NUTX-OS-000770
Severity: Medium
References: CCI-001851
Updated: 5 days ago

Remediation Templates

Configure AOS to offload audit records to site specific syslog server by running the following command.

ncli rsyslog-config add-server name=[alias_of_central_host] ip-address=[IP_of_central_host] port=[port_of_central_host] network-protocol=tcp|udp|relp relp-enabled=yes|no; ncli rsyslog-config add-module module-name=syslog_module level=info server-name=[alias_of_central_host]

Nutanix AOS must offload audit records to a syslog server.

Description

Remediation Templates

A Manual Procedure