Analysis, viewing, and indexing functions, services, and applications used as part of the Central Log Server must be configured to comply with DoD trusted path and access requirements.

From Central Log Server Security Requirements Guide

Associated with: CCI-000366

SRG-APP-000516-AU-000410_rule Analysis, viewing, and indexing functions, services, and applications used as part of the Central Log Server must be configured to comply with DoD trusted path and access requirements.

Vulnerability discussion

Analysis, viewing, and indexing functions, services, and applications, such as analysis tools and other vendor-provided applications, must be secured. Software used to perform additional functions, which resides on the server, must also be secured or could provide a vector for unauthorized access to the events repository.

Check content

Examine the configuration. Verify analysis, viewing, and indexing functions, services, and applications used with the Central Log Server are configured to comply with DoD trusted path and access requirements. If analysis, viewing, and indexing functions, services, and applications used with the Central Log Server are not configured to comply with DoD trusted path and access requirements, this is a finding.

Fix text

Configure all analysis, viewing, and indexing functions, services, and applications used with the Central Log Server to comply with DoD trusted path and access requirements.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.