6.4 Ensure that audit logging for 'MCP, tmsh and GUI' is set to enabled

Information

To enable audit logging on configuration changes that users or services make to the BIG-IP system.

Rationale:

Impact:

Audit logging provides a mechanism to investigate security incidents and unauthorised activities . It is also necessary for compliance auditing.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

1-Login to Configuration utility

2-Go to System > Logs > Configuration > Options

3- Under Audit Logging :
Select 'Enable' for all items : 'MCP' , 'tmsh' and 'GUI'

See Also

https://workbench.cisecurity.org/files/3587

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-1, 800-53|AU-2, CSCv7|6.2

Plugin: F5

Control ID: feec8ac250e5139f30ef8b6b9a34dd8ef69991a706227669ccdfeeec60a3cca9