The UEM Agent must record within each UEM Agent audit record the following information: -date and time of the event -type of event -subject identity -(if relevant) the outcome (success or failure) of the event.

An XCCDF Rule

Description

<VulnDiscussion>Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. For audit logs to be useful, administrators must have the ability to view them. Satisfies: FAU_GEN.1.2(2) Refinement</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-234238r617417_rule
Severity: Medium
References: CCI-000132
Updated: about 1 year ago

Configure the UEM Agent to record within each UEM Agent audit record the following information:
-Date and time of the event
-type of event
-subject identity
-(if relevant) the outcome (success or failure) of the event.

The UEM Agent must record within each UEM Agent audit record the following information: -date and time of the event -type of event -subject identity -(if relevant) the outcome (success or failure) of the event.

Description

Remediation - Manual Procedure