The application must produce audit records containing sufficient information to establish the identity of any user/subject or process associated with the event.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-35291	SRG-APP-000100-MAPP-NA	SV-46578r1_rule		Medium

Description
Information system auditing capability is critical for accurate forensic analysis. Audit record content that may be necessary to satisfy the requirement of this control, includes: time stamps, source and destination addresses, user/process identifiers, event descriptions, success/fail indications, filenames involved, and access control or flow control rules invoked. Rationale for non-applicability: The MOS SRG contains a requirement for logging application startup and a number of other security critical events. No further audit logging must be coded into each application running on the MOS, but application developers may do so for application-specific concerns.

Description

Information system auditing capability is critical for accurate forensic analysis. Audit record content that may be necessary to satisfy the requirement of this control, includes: time stamps, source and destination addresses, user/process identifiers, event descriptions, success/fail indications, filenames involved, and access control or flow control rules invoked. Rationale for non-applicability: The MOS SRG contains a requirement for logging application startup and a number of other security critical events. No further audit logging must be coded into each application running on the MOS, but application developers may do so for application-specific concerns.

STIG	Date
Mobile Application Security Requirements Guide	2013-01-04

Details

Check Text ( C-43660r1_chk )
This requirement is NA for the MAPP SRG.

Fix Text (F-39837r1_fix)
The requirement is NA. No fix is required.