From IBM MQ Appliance v9.0 NDM Security Technical Implementation Guide
Part of SRG-APP-000125-NDM-000241
Associated with: CCI-001348
Protection of log data includes assuring log data is not accidentally lost or deleted. Regularly backing up audit records to a different system or onto separate media than the system being audited helps to assure, in the event of a catastrophic system failure, the audit records will be retained. This helps to ensure a compromise of the information system being audited does not also result in a compromise of the audit records.
Log on to the MQ Appliance CLI as a privileged user. Enter: co show logging target All configured logging targets will be displayed. Verify: - This list of log targets includes an appropriate syslog notification target; - The log target is enabled; and - It includes all desired log event source and log level parameters, e.g., event audit debug. If any of these conditions is not true, this is a finding.
Log on to the MQ Appliance CLI as a privileged user.
Configure a syslog target.
To enter global configuration mode, enter "config".
To create a syslog target, enter:
logging target
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer