| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-AP-002 | 164.231.187.39 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
| MONT-BE-002 | 164.231.187.37 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
| MONT-DB-002 | 164.231.187.38 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
| MONT-DC-003 | 164.231.187.34 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
| MONT-DP-001 | 164.231.187.44 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
| MONT-MB-002 | 164.231.187.36 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
| MONT-VSF-003 | 164.231.187.42 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
| MONT-VSF-004 | 164.231.187.43 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
Check Text
Navigate to the Application event log file. The default location is the "%SystemRoot%\System32\winevt\Logs" folder. However, the logs may have been moved to another folder. If the permissions for the "Application.evtx" file are not as restrictive as the default permissions listed below, this is a finding. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control
Fix Text
Configure the permissions on the Application event log file (Application.evtx) to prevent access by non-privileged accounts. The default permissions listed below satisfy this requirement: Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\ System32\winevt\Logs" folder. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog".