STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Application Server Security Requirements Guide

V-204738

CAT II (Medium)

The application server must back up log records at least every seven days onto a different system or system component than the system or component being logged.

Rule ID

SV-204738r960948_rule

STIG

Application Server Security Requirements Guide

Version

V4R4

CCIs

CCI-001348

Discussion

Protection of log data includes assuring log data is not accidentally lost or deleted. Backing up log records to a different system or onto separate media from the system the application server is actually running on helps to assure that in the event of a catastrophic system failure, the log records will be retained.

Check Content

Review the application server configuration to determine if the application server backs up log records every seven days onto a different system or media from the system being logged.

If the application server does not back up log records every seven days onto a different system or media from the system being logged, this is a finding.

Fix Text

Configure the application server to back up log records every seven days onto a different system or media from the system being logged.