STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated just now
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to IBM DataPower ALG Security Technical Implementation Guide

V-65255

CAT II (Medium)

The DataPower Gateway providing user access control intermediary services must provide the capability for authorized users to select a user session to capture or view.

Rule ID

SV-79745r1_rule

STIG

IBM DataPower ALG Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-001919

Discussion

Without the capability to select a user session to capture or view, investigations into suspicious or harmful events would be hampered by the volume of information captured. The intent of this requirement is to ensure the capability to select specific sessions to capture is available in order to support general auditing/incident investigation, or to validate suspected misuse by a specific user. Examples of session events that may be captured include, port mirroring, tracking websites visited, and recording information and/or file transfers.

Check Content

Search Bar “Log Target” >> Log target >> Event Subscription tab. 

If “audit” is not listed under Event Category, this is a finding. (Note: If the only Log Target available is “default-log”, this is a finding.)

Fix Text

Search Bar “Log Target” >> Log target >> Event Subscription tab >> Add >> Event Category “audit” >> Minimum Event Priority event priority level >> Apply >> Apply >> Save Configuration.

If the only log target is “default-log”: Type “Log Target” in the Search field >> Log target >> Main tab >> Target Type “syslog” >> syslog Facility facility >> Local Identifier identifier >> Remote Host hostname.