STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Central Log Server Security Requirements Guide

V-263567

CAT II (Medium)

The Central Log Server must implement the capability to process, sort, and search audit records for events of interest based on organization-defined audit fields within audit records.

Rule ID

SV-263567r982421_rule

STIG

Central Log Server Security Requirements Guide

Version

V3R4

CCIs

CCI-003830

Discussion

Events of interest can be identified by the content of audit records, including system resources involved, information objects accessed, identities of individuals, event types, event locations, event dates and times, Internet Protocol addresses involved, or event success or failure. Organizations may define event criteria to any degree of granularity required, such as locations selectable by a general networking location or by specific system component.

Check Content

Verify the Central Log Server is configured to implement the capability to process, sort, and search audit records for events of interest based on organization-defined audit fields within audit records.

If the Central Log Server is not configured to implement the capability to process, sort, and search audit records for events of interest based on organization-defined audit fields within audit records, this is a finding.

Fix Text

Configure the Central Log Server to implement the capability to process, sort, and search audit records for events of interest based on organization-defined audit fields within audit records.