I've installed Syslog Server and then performed a security scan on the server. It came back flagged with a registry entry:
System\CurrentControlSet\Services\Kiwi Syslog Server\Sendata.
The group policy for :
"Network Access: Remotely accessible registry paths and sub-paths" has the above entered in it. It is a Category I finding on the STIG.
Is this a requirement of Syslog, if not, what is it used for. Can it be deleted and still function?
Thanks!