The network device must dump logs when they reach 75% capacity to a syslog server.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-14647 | NET0388 | SV-15273r2_rule | ECSC-1 | Low |
| Description |
|---|
| Having a procedure tested and verified will prevent the logs from filling when they reach 75% capacity. |
| STIG | Date |
|---|---|
| Firewall Security Technical Implementation Guide - Cisco | 2017-12-07 |
Details
| Check Text ( C-13715r2_chk ) |
|---|
| Review the device configuration to determine if logs are being dumped to a syslog when meeting the 75% storage capacity. If logs aren't being dumped at 75% capacity, this is a finding. |
| Fix Text (F-14749r2_fix) |
|---|
| Configure the device to dump logs to a syslog server when reaching a storage capacity of 75%. |