GEN005440-ESXI5-000078 - The system must not be used as a syslog server (log host) for systems external to the enclave

Information

Syslog messages are typically unencrypted and may contain sensitive information and are, therefore, restricted to the enclave.

Solution

Step 1: Verify that the vSphere Syslog Collector syslog host has been configured. If not, install/enable the vSphere Syslog Collector.
Step 2: From the vSphere Client: Select the host and click 'Configuration >> Advanced Settings >> Syslog >> Global'.
Step 3: Set 'Syslog.global.logHost' to the syslog server hostname restricted to the enclave.

See Also

http://iase.disa.mil/stigs/os/virtualization/Pages/index.aspx

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-9, CAT|II, CCI|CCI-000366, Group-ID|V-39279, Rule-ID|SV-51095r1_rule, STIG-ID|GEN005440-ESXI5-000078

Plugin: VMware

Control ID: 23e370055c44308e00c975d44bf1c8e8d20b5d60cab78539ad8fb82df0c4fdfc