The UEM Agent must record within each UEM Agent audit record the following information: -date and time of the event -type of event -subject identity -(if relevant) the outcome (success or failure) of the event.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-234238 | SRG-APP-000097-UEM-100005 | SV-234238r617417_rule | CCI-000132 | medium |
| Description | ||||
| Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. For audit logs to be useful, administrators must have the ability to view them. Satisfies: FAU_GEN.1.2(2) Refinement | ||||
| STIG | Date | |||
| Unified Endpoint Management Agent Security Requirements Guide | 2020-12-14 | |||
Details
Check Text (C-234238r617417_chk)
Verify the UEM Agent records within each UEM Agent audit record the following information:
-Date and time of the event
-type of event
-subject identity
-(if relevant) the outcome (success or failure) of the event.
If the UEM Agent does not record within each UEM Agent audit record the following information:
-Date and time of the event
-type of event
-subject identity
-(if relevant) the outcome (success or failure) of the event
this is a finding.
Fix Text (F-37388r612021_fix)
Configure the UEM Agent to record within each UEM Agent audit record the following information:
-Date and time of the event
-type of event
-subject identity
-(if relevant) the outcome (success or failure) of the event.