1.10.8 Ensure 'syslog logging facility' is equal to '23'

Information

Sets the facility (location) on the syslog server for the log messages sent by the security appliance

Rationale:

Logs should be directed to a consistent and expected logging facility to ensure proper processing and storage by the remote system. There are eight possible logging facilities: 16 (LOCAL0) through 23 (LOCAL7) for the logs messages sent by the security appliance to the syslog server.

Solution

* Step 1: Run the following command to set the logging facility to 23

HOSTNAME(CONFIG)# LOGGING FACILITY 23

See Also

https://workbench.cisecurity.org/files/1903

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-4, CSCv7|6.4

Plugin: Cisco

Control ID: 0d085b60430a206d485f68a71940a129ea1c5746dec990bcfe28b0cc0da05d73