The Sun Ray system and user logs are not reviewed weekly.

From Sun Ray 4 Policy STIG

Part of Sun Ray logs not reviewed weekly

Associated with IA controls: ECAT-2, ECAT-1

SV-17406r1_rule The Sun Ray system and user logs are not reviewed weekly.

Vulnerability discussion

If a system administrator does not review Sun Ray logs weekly, there is the potential that an attack or other security issue can go unnoticed for a week or more, which is unacceptable in DoD environments.

Check content

Critical Sun Ray log files are the administration, authentication, automatic mounting, mass storage devices, messages, and web administration. These logs are listed below. Ask the IAO/SA if Sun Ray logs are reviewed weekly. # ls-lL /var/opt/SUNWut/log | less admin_log auth_log utmountd.log utstoraged.log messages utwebadmin.log If these logs are being written to an external syslog server, ask the IAO/SA if these are reviewed weekly.

Fix text

Review Sun Ray logs at a minimum weekly.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer