V-215837
CAT IIThe Cisco router must be configured to generate an alert for all audit failure events.
- Ships Affected
- 1
- Total Findings
- 1
- Open
- 0
- Closed
- 1
Check Text
Review the Cisco router configuration to verify that it is compliant with this requirement as shown in the example below.
logging trap critical
Note: The parameter "critical" can replaced with a lesser severity level (i.e. error, warning, notice, informational). Informational is the default severity level; hence, if the severity level is configured to informational, the logging trap command will not be shown in the configuration.
If the Cisco router is not configured to generate an alert for all audit failure events, this is a finding.
Fix Text
Configure the Cisco router to send critical to emergency log messages to the syslog server as shown in the example below.
R4(config)#logging trap critical
Note: The parameter "critical" can replaced with a lesser severity level (i.e., error, warning, notice, informational).
STIG Reference
- STIG
- Cisco IOS XE Router NDM Security Technical Implementation Guide
- Version
- 3
- Release
- 7
- Rule ID
- SV-215837r991886_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONTPOINTGTWYRTR/Checklist/MONTPOINTGTWYRTR_CiscoXERtrNDM_V3R5_20251023-150045.ckl | Unassigned | 2026-01-14T12:57:25.013310 | View in Context |