STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Ivanti Sentry 9.x NDM Security Technical Implementation Guide

V-251006

CAT I (High)

Sentry must be configured to send log data to a central log server for the purpose of forwarding alerts to the administrators and the ISSO.

Rule ID

SV-251006r1028244_rule

STIG

Ivanti Sentry 9.x NDM Security Technical Implementation Guide

Version

V3R1

CCIs

CCI-002605

Discussion

Without syslog enabled it will be difficult for an ISSO to correlate the users behavior and identify potential threats within the logs.

Check Content

To identify/validate Sentry support for syslog forwarding, follow the navigation steps below. 

1. Log in to the Sentry.
2. Navigate to "Settings".
3. Scroll down to "Syslog".
4. Verify that a syslog server has been configured correctly. 
      a. Verify Server IP address.
      b. Verify Port.
      c. Verify Facility Types.
      d. Verify Admin state is enabled.

If syslog forwarding has not been implemented, this is a finding.

Fix Text

Configure the Sentry to forward syslog data using the steps below Refer to "Sentry Guide for Core", section "Syslog", page 140.
  
 1. Log in to the Sentry.
 2. Navigate to "Settings".
 3. Scroll down to "Syslog".
 4. If there is no syslog server entry, ADD the server:
      a. Add Server IP address.
      b. Add Port.
      c. Select/add Facility Types and Log Levels.
     d. Enable Admin state.