EX13-MB-000045 - Exchange Message Tracking Logging must be enabled.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

A message tracking log provides a detailed log of all message activity as messages are transferred to and from a computer running Exchange.

If events are not recorded, it may be difficult or impossible to determine the root cause of system problems or the unauthorized activities of malicious users.

Solution

Open the Exchange Management Shell and enter the following command:

Set-TransportService -Identity <'IdentityName'> - MessageTrackingLogEnabled $True

Note: The <IdentityName> value must be in quotes.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Exchange_2013_STIG.zip

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-12, CAT|II, CCI|CCI-000133, Rule-ID|SV-84579r2_rule, STIG-ID|EX13-MB-000045, Vuln-ID|V-69957

Plugin: Windows

Control ID: ecb7035ff0a201f01234b0644ed3583abce5824e6139e76c22d33d160cd16bbf