AccessLogValve must be configured for each application context.

Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

AccessLogValve must be configured for each application context.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-222930	TCAT-AS-000050	SV-222930r615938_rule		Medium

Description
Tomcat has the ability to host multiple contexts (applications) on one physical server by using the <Host><Context> attribute. This allows the admin to specify audit log settings on a per application basis. Satisfies: SRG-APP-000016-AS-000013, SRG-APP-000080-AS-000045, SRG-APP-000089-AS-000050, SRG-APP-000091-AS-000052, SRG-APP-000095-AS-000056, SRG-APP-000098-AS-000061, SRG-APP-000099-AS-000062

STIG	Date
Apache Tomcat Application Sever 9 Security Technical Implementation Guide	2021-06-15

Details

Check Text ( C-24602r426234_chk )
As an elevated user on the Tomcat server: Edit the $CATALINA_BASE/conf/server.xml file. Review for all elements. If a element is not defined within each element, this is a finding. EXAMPLE: ... prefix="application_name_log" suffix=".txt" pattern=""%h %l %t %u "%r" %s %b" /> ... />

Fix Text (F-24591r426235_fix)
As a privileged user on the Tomcat server: Edit the $CATALINA_BASE/conf/server.xml file. Create a element that is nested within the element containing an AccessLogValve. EXAMPLE: ... prefix="application_name_log" suffix=".txt" pattern="%h %l %t %u "%r" %s %b" /> ... /> Restart the Tomcat server: sudo systemctl restart tomcat sudo systemctl daemon-reload