Analysis, viewing, and indexing functions, services, and applications used as part of the Central Log Server must be configured to comply with DoD-trusted path and access requirements.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-206518	SRG-APP-000516-AU-000410	SV-206518r961863_rule		Medium

Description

Analysis, viewing, and indexing functions, services, and applications, such as analysis tools and other vendor-provided applications, must be secured. Software used to perform additional functions, which resides on the server, must also be secured or could provide a vector for unauthorized access to the events repository.

STIG	Date
Central Log Server Security Requirements Guide	2024-12-04

Details

Check Text (C-6778r285795_chk)

Examine the configuration.

Verify analysis, viewing, and indexing functions, services, and applications used with the Central Log Server are configured to comply with DoD-trusted path and access requirements.

If analysis, viewing, and indexing functions, services, and applications used with the Central Log Server are not configured to comply with DoD-trusted path and access requirements, this is a finding.

Fix Text (F-6778r285796_fix)

Configure all analysis, viewing, and indexing functions, services, and applications used with the Central Log Server to comply with DoD-trusted path and access requirements.