UCF STIG Viewer Logo

Syslog messages must be retained for a minimum of 30 days online and then stored offline for one year.


Finding ID Version Rule ID IA Controls Severity
V-251374 NET1026 SV-251374r806077_rule Low
Logging is a critical part of router security. Maintaining an audit trail of system activity logs (syslog) can help identify configuration errors, understand past intrusions, troubleshoot service disruptions, and react to probes and scans of the network.
Network Infrastructure Policy Security Technical Implementation Guide 2023-05-04


Check Text ( C-54809r806075_chk )
Examine the syslog server to verify that it is configured to store messages for at least 30 days. Have the administrator show you the syslog files stored offline for one year.

If the syslog messages are not kept online for thirty days and offline for one year, this is a finding.
Fix Text (F-54762r806076_fix)
Configure the syslog server to store messages for at least 30 days on-line. The administrator must establish a strategy for storing the logs off-line for minimum of 1 year.