Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-62389 | CF11-02-000065 | SV-76879r1_rule | Medium |
Description |
---|
Information system logging capability is critical for accurate forensic analysis. Off-loading is a common process in information systems with limited log storage capacity. Centralized management of log records provides for efficiency in maintenance and management of records, as well as the backup and archiving of those records. Application servers and their related components are required to off-load log records on to a different system or media than the system being logged. ColdFusion offers the capability to set the number of archived log files to keep before overwriting the file along with the maximum file size before generating an archive. This allows the administrator to set up a scheduled task or a centralized log management system to pull the log files. |
STIG | Date |
---|---|
Adobe ColdFusion 11 Security Technical Implementation Guide | 2017-06-15 |
Check Text ( C-63193r1_chk ) |
---|
Locate the log file directory by viewing the "Log directory" setting within the "Logging Settings" page under the "Debugging & Logging" menu. Have the administrator show the scheduled task or log management application that accesses this directory and stores the log files to another system or media. If the administrator cannot demonstrate that the log files are being stored to another system or media, this is a finding. |
Fix Text (F-68309r1_fix) |
---|
Configure a scheduled task or log management application to store the log files to another system or media. |