The web server must record time stamps for log records to a minimum granularity of one second.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-206426 | SRG-APP-000375-WSR-000171 | SV-206426r961446_rule | CCI-001889 | medium |
| Description | ||||
| Without sufficient granularity of time stamps, it is not possible to adequately determine the chronological order of records. Time stamps generated by the web server include date and time and must be to a granularity of one second. | ||||
| STIG | Date | |||
| Web Server Security Requirements Guide | 2025-02-12 | |||
Related Frameworks
3 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
AU-8
1.00
- DISA · 4 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1711 mapping
3.3.7
1.00
- DISA · 4 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-001889
1.00
- DISA · 4 · disa_xccdf · related
Details
Check Text (C-206426r961446_chk)
Review the web server documentation and configuration to determine if log records are time stamped to a minimum granularity of one second.
Have a user generate a logable event and review the log data to determine if the web server is configured correctly.
If the log data does not contain a time stamp to a minimum granularity of one second, this is a finding.
Fix Text (F-6687r377871_fix)
Configure the web server to record log events with a time stamp to a granularity of one second.