STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Jamf Pro v10.x EMM Security Technical Implementation Guide

V-241793

CAT II (Medium)

The Jamf Pro EMM server must be configured to transfer Jamf Pro EMM server logs to another server for storage, analysis, and reporting. Note: Jamf Pro EMM server logs include logs of MDM events and logs transferred to the Jamf Pro EMM server by MDM agents of managed devices.

Rule ID

SV-241793r961395_rule

STIG

Jamf Pro v10.x EMM Security Technical Implementation Guide

Version

V3R1

CCIs

CCI-001851

Discussion

Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. Since the Jamf Pro EMM server has limited capability to store mobile device log files and perform analysis and reporting of mobile device log files, the Jamf Pro EMM server must have the capability to transfer log files to an audit log management server. SFR ID: FMT_SMF.1.1(2) i, FAU_STG_EXT.1.1(1)

Check Content

Verify the Jamf Pro EMM server is enabled to push syslog:

1. Open Jamf Pro server.
2. Open "Settings".
3. Select "Change Management".
4. Verify the settings for Syslog Server (log file transfer to the syslog server).

If the Jamf Pro EMM server is not configured to enable syslog, this is a finding.

Fix Text

Configure the Jamf Pro EMM server to enable syslog:

1. Open Jamf Pro server.
2. Open "Settings".
3. Select "Change Management".
4. Click "Edit".
5. Configure the settings for Syslog Server.
6. Click "Save".