800-53|AU-14(2)

Title

CAPTURE/RECORD AND LOG CONTENT

Description

The information system provides the capability for authorized users to capture/record and log content related to a user session.

Reference Item Details

Category: AUDIT AND ACCOUNTABILITY

Parent Title: SESSION AUDIT

Family: AUDIT AND ACCOUNTABILITY

Audit Items

View all Reference Audit Items

NamePluginAudit Name
DKER-EE-001080 - The audit log configuration level must be set to request in the Universal Control Plane (UCP) component of Docker Enterprise.UnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2
FNFG-FW-000155 - The FortiGate firewall must allow authorized users to record a packet-capture-based IP, traffic type (TCP, UDP, or ICMP), or protocol.FortiGateDISA Fortigate Firewall STIG v1r3
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events.WindowsDISA IIS 10.0 Server v2r10
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user sessionWindowsDISA IIS 8.5 Site v2r9
IISW-SV-000102 - The enhanced logging for the IIS 8.5 web server must be enabled and capture all user and web server events.WindowsDISA IIS 8.5 Server v2r7
MD3X-00-000040 - MongoDB must provide audit record generation for DoD-defined auditable events within all DBMS/database components.UnixDISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS
VCEM-67-000005 - ESX Agent Manager must record user access in a format that enables monitoring of remote access.UnixDISA STIG VMware vSphere 6.7 EAM Tomcat v1r4
VCEM-70-000005 - ESX Agent Manager must record user access in a format that enables monitoring of remote access.UnixDISA STIG VMware vSphere 7.0 EAM Tomcat v1r2
VCFL-67-000009 - vSphere Client must record user access in a format that enables monitoring of remote access.UnixDISA STIG VMware vSphere 6.7 Virgo Client v1r2
VCLD-67-000004 - VAMI must be configured to monitor remote access.UnixDISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3
VCLD-70-000004 - VAMI must be configured to monitor remote access.UnixDISA STIG VMware vSphere 7.0 VAMI v1r2
VCLU-70-000005 - Lookup Service must record user access in a format that enables monitoring of remote access.UnixDISA STIG VMware vSphere 7.0 Lookup Service v1r2
VCPF-67-000005 - Performance Charts must record user access in a format that enables monitoring of remote access.UnixDISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3
VCPF-70-000005 - Performance Charts must record user access in a format that enables monitoring of remote access.UnixDISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1
VCST-67-000005 - The Security Token Service must record user access in a format that enables monitoring of remote access.UnixDISA STIG VMware vSphere 6.7 STS Tomcat v1r3
VCST-70-000005 - The Security Token Service must record user access in a format that enables monitoring of remote access.UnixDISA STIG VMware vSphere 7.0 STS Tomcat v1r2
VCUI-67-000005 - vSphere UI must record user access in a format that enables monitoring of remote access.UnixDISA STIG VMware vSphere 6.7 UI Tomcat v1r3
VCUI-70-000005 - vSphere UI must record user access in a format that enables monitoring of remote access.UnixDISA STIG VMware vSphere 7.0 vCA UI v1r2
WBSP-AS-000100 - The WebSphere Application Server audit event type filters must be configured.UnixDISA IBM WebSphere Traditional 9 STIG v1r1
WBSP-AS-000100 - The WebSphere Application Server audit event type filters must be configured.UnixDISA IBM WebSphere Traditional 9 STIG v1r1 Middleware
WBSP-AS-000100 - The WebSphere Application Server audit event type filters must be configured.WindowsDISA IBM WebSphere Traditional 9 Windows STIG v1r1
WNFWA-000011 - Windows Defender Firewall with Advanced Security must log successful connections when connected to a domain.WindowsDISA Microsoft Windows Firewall v2r2
WNFWA-000019 - Windows Defender Firewall with Advanced Security must log successful connections when connected to a private network.WindowsDISA Microsoft Windows Firewall v2r2
WNFWA-000029 - Windows Defender Firewall with Advanced Security must log successful connections when connected to a public network.WindowsDISA Microsoft Windows Firewall v2r2