The UEM Agent must record within each UEM Agent audit record the following information: -date and time of the event -type of event -subject identity -(if relevant) the outcome (success or failure) of the event.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-234238 | SRG-APP-000097-UEM-100005 | SV-234238r617417_rule | Medium |
| Description |
| Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. For audit logs to be useful, administrators must have the ability to view them. Satisfies: FAU_GEN.1.2(2) Refinement |
| STIG | Date |
| Unified Endpoint Management Agent Security Requirements Guide | 2020-12-14 |
Details
| Check Text (C-37423r617417_chk) |
| Verify the UEM Agent records within each UEM Agent audit record the following information: -Date and time of the event -type of event -subject identity -(if relevant) the outcome (success or failure) of the event. If the UEM Agent does not record within each UEM Agent audit record the following information: -Date and time of the event -type of event -subject identity -(if relevant) the outcome (success or failure) of the event this is a finding. |
| Fix Text (F-37388r612021_fix) |
| Configure the UEM Agent to record within each UEM Agent audit record the following information: -Date and time of the event -type of event -subject identity -(if relevant) the outcome (success or failure) of the event. |