STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 6 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Unified Endpoint Management Agent Security Requirements Guide

V-234242

CAT II (Medium)

The UEM Agent must be configured to enable the following function: transfer managed endpoint device audit logs read by the UEM Agent to an UEM server or third-party audit management server.

Rule ID

SV-234242r961395_rule

STIG

Unified Endpoint Management Agent Security Requirements Guide

Version

V2R1

CCIs

CCI-001851

Discussion

Audit logs and alerts enable monitoring of security-relevant events and subsequent forensics when breaches occur. They help identify when the security posture of the device is not as expected. This enables the UEM administrator to take an appropriate remedial action. MD audit logs must be transferred to an audit management service so they can be analyzed and acted on. Satisfies: FMT_SMF_EXT.4.1 Reference: PP-UEM-401006

Check Content

Verify the UEM Agent has enabled the following function: transfer managed endpoint device audit logs read by the UEM Agent to an UEM server or third-party audit management server.

If the UEM Agent has not enabled the following function: transfer managed endpoint device audit logs read by the UEM Agent to an UEM server or third-party audit management server, this is a finding.

Fix Text

Configure the UEM Agent to enable the following function: transfer managed endpoint device audit logs read by the UEM Agent to an UEM server or third-party audit management server.