Detections
Analytics

CCI|CCI-001348

Title

Store audit records on an organization-defined frequency in a repository that is part of a physically different system or system component that the system or component being audited.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AS24-U1-000210 - The log data and records from the Apache web server must be backed up onto a different system or media.UnixDISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000210 - The log data and records from the Apache web server must be backed up onto a different system or media.UnixDISA STIG Apache Server 2.4 Unix Server v3r1
AS24-W1-000210 - The log data and records from the Apache web server must be backed up onto a different system or media.WindowsDISA STIG Apache Server 2.4 Windows Server v3r1
AS24-W1-000210 - The log data and records from the Apache web server must be backed up onto a different system or media.WindowsDISA STIG Apache Server 2.4 Windows Server v2r3
BIND-9X-001017 - The BIND 9.x server implementation must not be configured with a channel to send audit records to null.UnixDISA BIND 9.x STIG v2r3
BIND-9X-001042 - The BIND 9.x server implementation must maintain at least 3 file versions of the local log file.UnixDISA BIND 9.x STIG v2r3
EX13-CA-000085 - Exchange must have Audit data on separate partitions.WindowsDISA Microsoft Exchange 2013 Client Access Server STIG v2r2
EX13-EG-000070 - Exchange audit data must be on separate partitions.WindowsDISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6
EX13-MB-000080 - Exchange Audit data must be on separate partitions.WindowsDISA Microsoft Exchange 2013 Mailbox Server STIG v2r3
EX16-ED-000140 - Exchange audit data must be on separate partitions.WindowsDISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5
EX16-MB-000160 - Exchange Audit data must be on separate partitions.WindowsDISA Microsoft Exchange 2016 Mailbox Server STIG v2r6
EX19-ED-000050 - Exchange audit data must be on separate partitions.WindowsDISA Microsoft Exchange 2019 Edge Server STIG v2r1
EX19-MB-000058 - Exchange audit data must be on separate partitions.WindowsDISA Microsoft Exchange 2019 Mailbox Server STIG v2r2
GEN005450 - The system must use a remote syslog server (log host).UnixDISA STIG Solaris 10 X86 v2r4
GEN005450 - The system must use a remote syslog server (log host).UnixDISA STIG Solaris 10 SPARC v2r4
IIST-SV-000116 - The log data and records from the IIS 10.0 web server must be backed up onto a different system or media.WindowsDISA IIS 10.0 Server v2r10
IIST-SV-000116 - The log data and records from the IIS 10.0 web server must be backed up onto a different system or media.WindowsDISA IIS 10.0 Server v3r2
IISW-SV-000116 - The log data and records from the IIS 8.5 web server must be backed up onto a different system or media.WindowsDISA IIS 8.5 Server v2r7
JBOS-AS-000195 - JBoss log records must be off-loaded onto a different system or system component a minimum of every seven days.UnixDISA JBoss EAP 6.3 STIG v2r5
OH12-1X-000077 - The log data and records from OHS must be backed up onto a different system or media.UnixDISA STIG Oracle HTTP Server 12.1.3 v2r2
SOL-11.1-090220 - The operating system must back up audit records at least every seven days onto a different system or system component than the system or component being audited.UnixDISA STIG Solaris 11 SPARC v3r1
SOL-11.1-090220 - The operating system must back up audit records at least every seven days onto a different system or system component than the system or component being audited.UnixDISA STIG Solaris 11 X86 v3r1
SPLK-CL-000105 - Splunk Enterprise must be configured to back up the log records repository at least every seven days onto a different system or system component other than the system or component being audited.SplunkDISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API
SPLK-CL-000250 - Splunk Enterprise must be configured to back up the log records repository at least every seven days onto a different system or system component other than the system or component being audited.SplunkDISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API
WDNS-AU-000016 - The Windows 2012 DNS Servers audit records must be backed up at least every seven days onto a different system or system component than the system or component being audited.WindowsDISA Microsoft Windows 2012 Server DNS STIG v2r7