Rule ID
SV-283074r1193914_rule
Version
V1R1
CCIs
Audit information includes all information needed to successfully audit system activity, such as audit records, audit log settings, audit reports, and personally identifiable information. Audit logging tools are those programs and devices used to conduct system audit and logging activities. Protection of audit information focuses on technical protection and limits the ability to access and execute audit logging tools to authorized individuals. Physical protection of audit information is addressed by both media protection controls and physical and environmental protection controls.
Identify the SNMP trap recipient and report SNMP configuration: cli% showsnmpmgr HostIP Port SNMPVersion User Notify AlertClear <snmp trap recipient IP> 162 3 Alletrasnmpuser standard standard If the SNMP trap recipient IP address is incorrect, this is a finding. If the SNMP port is not "162", this is a finding. If the SNMP version is not "3", this is a finding. If the SNMP user ID is incorrect, this is a finding.
Configure SNMPv3 alert notifications using the following sequence of operations: Add the IP address of the SNMPv3 trap recipient, where permissions of the account are used: cli% addsnmpmgr -version 3 -snmpuser Alletrasnmpuser <ip address>