Ax-OS must off-load audit records onto a different system or media than the system being audited.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| high | V-276014 | SRG-APP-000358 | AXOS-00-000070 | SV-276014r1122692_rule | 2025-07-22 | 1 |
| Description |
|---|
| Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity. Satisfies: SRG-APP-000358, SRG-APP-000086, SRG-APP-000090, SRG-APP-000097, SRG-APP-000108, SRG-APP-000111, SRG-APP-000115, SRG-APP-000116, SRG-APP-000118, SRG-APP-000120, SRG-APP-000121, SRG-APP-000122, SRG-APP-000123, SRG-APP-000125, SRG-APP-000181, SRG-APP-000267, SRG-APP-000275, SRG-APP-000291, SRG-APP-000292, SRG-APP-000293, SRG-APP-000294, SRG-APP-000320, SRG-APP-000357, SRG-APP-000359, SRG-APP-000360, SRG-APP-000362, SRG-APP-000363, SRG-APP-000364, SRG-APP-000365, SRG-APP-000366, SRG-APP-000367, SRG-APP-000368, SRG-APP-000369, SRG-APP-000370, SRG-APP-000376, SRG-APP-000515, SRG-APP-000745, SRG-APP-000750, SRG-APP-000755, SRG-APP-000760, SRG-APP-000765, SRG-APP-000770, SRG-APP-000775, SRG-APP-000780, SRG-APP-000785, SRG-APP-000790, SRG-APP-000795, SRG-APP-000800, SRG-APP-000945, SRG-APP-000950, SRG-APP-000955 |
| ℹ️ Check |
|---|
| Select the gear icon (System Settings) >> External Integrations >> Syslog. Under the Syslog menu, if the "Use Syslog" slide bar is not selected, this is a finding. Under the Syslog menu, if "Syslog instance" has not been configured for an external log server(or otherwise proven Syslog is being captured by an external log server), this is a finding. |
| ✔️ Fix |
|---|
| Select the gear icon (System Settings) >> External Integrations >> Syslog. Under the Syslog menu, enable "Use Syslog". Under the Syslog menu, configure "Syslog instance" for an external log server. |