The application server must back up log records at least every seven days onto a different system or system component than the system or component being logged.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-204738 | SRG-APP-000125 | SRG-APP-000125-AS-000084 | SV-204738r960948_rule | 2025-02-11 | 4 |
| Description |
|---|
| Protection of log data includes assuring log data is not accidentally lost or deleted. Backing up log records to a different system or onto separate media from the system the application server is actually running on helps to assure that in the event of a catastrophic system failure, the log records will be retained. |
| ℹ️ Check |
|---|
| Review the application server configuration to determine if the application server backs up log records every seven days onto a different system or media from the system being logged. If the application server does not back up log records every seven days onto a different system or media from the system being logged, this is a finding. |
| ✔️ Fix |
|---|
| Configure the application server to back up log records every seven days onto a different system or media from the system being logged. |