STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Jamf Pro v10.x EMM Security Technical Implementation Guide

V-241793

CAT II (Medium)

The Jamf Pro EMM server must be configured to transfer Jamf Pro EMM server logs to another server for storage, analysis, and reporting. Note: Jamf Pro EMM server logs include logs of MDM events and logs transferred to the Jamf Pro EMM server by MDM agents of managed devices.

Rule ID

SV-241793r961395_rule

STIG

Jamf Pro v10.x EMM Security Technical Implementation Guide

Version

V3R1

CCIs

CCI-001851

Discussion

Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. Since the Jamf Pro EMM server has limited capability to store mobile device log files and perform analysis and reporting of mobile device log files, the Jamf Pro EMM server must have the capability to transfer log files to an audit log management server. SFR ID: FMT_SMF.1.1(2) i, FAU_STG_EXT.1.1(1)

Check Content

Verify the Jamf Pro EMM server is enabled to push syslog:

1. Open Jamf Pro server.
2. Open "Settings".
3. Select "Change Management".
4. Verify the settings for Syslog Server (log file transfer to the syslog server).

If the Jamf Pro EMM server is not configured to enable syslog, this is a finding.

Fix Text

Configure the Jamf Pro EMM server to enable syslog:

1. Open Jamf Pro server.
2. Open "Settings".
3. Select "Change Management".
4. Click "Edit".
5. Configure the settings for Syslog Server.
6. Click "Save".