Skip to content

The Samsung SDS EMM must be configured to communicate the following commands to the MDM Agent: read audit logs kept by the MD.

An XCCDF Rule

Description

Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. For audit logs to be useful, administrators must have the ability to view them. SFR ID: FMT_SMF.1.1(1) #19

ID
SV-225641r588007_rule
Version
SSDS-00-000110
Severity
Medium
References
Updated

Remediation Templates

A Manual Procedure

Use the following instructions to verify the command has been configured to read audits to the MDM Agent on the SDS EMM server:

On the MDM console, do the following:
1. Log in to the Admin Console using a web browser.
2. Go to Service Overview >> Log and Event >> Audit Event. 
3. Select all audit events with audit type of "Device" and click the "Save" button.