Documentation - V-222482

V-222482

Application Security and Development Security Technical Implementation Guide

CAT II

Title

The application must be configured to write application logs to a centralized log repository.

Description

<VulnDiscussion>Information stored in one location is vulnerable to accidental or incidental deletion or alteration. In addition, attackers often manipulate logs to hide or obfuscate their activity. Off-loading is a common process in information systems with limited audit storage capacity or when trying to assure log availability and integrity. This requirement is meant to address space limitations and integrity issues that can be encountered when storing logs on the local server. The goal o...

Fix Text (Documentation Requirement)

Configure the application to utilize a centralized log repository and ensure the logs are off-loaded from the application system as quickly as possible.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel