STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to F5 BIG-IP Device Management Security Technical Implementation Guide

V-217418

CAT II (Medium)

The BIG-IP appliance must be configured to off-load audit records onto a different system or media than the system being audited.

Rule ID

SV-217418r961860_rule

STIG

F5 BIG-IP Device Management Security Technical Implementation Guide

Version

V2R4

CCIs

CCI-001851

Discussion

Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity.

Check Content

Verify the BIG-IP appliance is configured to off-load audit records onto a different system or media than the system being audited. 

Navigate to the BIG-IP System manager >> System >> Logs >> Configuration >> Remote Logging.

Verify a syslog destination is configured that off-loads audit records from the BIG-IP appliance that is different from the system being audited.

If BIG-IP appliance is not configured to off-load audit records onto a different system or media, this is a finding.

Fix Text

Configure the BIG-IP appliance to off-load audit records onto a different system or media than the system being audited.