UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

AccessLogValve must be configured for each application context.


Overview

Finding ID Version Rule ID IA Controls Severity
V-222930 TCAT-AS-000050 SV-222930r615938_rule Medium
Description
Tomcat has the ability to host multiple contexts (applications) on one physical server by using the <Host><Context> attribute. This allows the admin to specify audit log settings on a per application basis. Satisfies: SRG-APP-000016-AS-000013, SRG-APP-000080-AS-000045, SRG-APP-000089-AS-000050, SRG-APP-000091-AS-000052, SRG-APP-000095-AS-000056, SRG-APP-000098-AS-000061, SRG-APP-000099-AS-000062
STIG Date
Apache Tomcat Application Sever 9 Security Technical Implementation Guide 2021-12-27

Details

Check Text ( C-24602r426234_chk )
As an elevated user on the Tomcat server:

Edit the $CATALINA_BASE/conf/server.xml file.

Review for all elements.

If a element is not defined within each element, this is a finding.

EXAMPLE:

...
prefix="application_name_log" suffix=".txt"
pattern=""%h %l %t %u "%r" %s %b" />
...
/>
Fix Text (F-24591r426235_fix)
As a privileged user on the Tomcat server:

Edit the $CATALINA_BASE/conf/server.xml file.

Create a element that is nested within the element containing an AccessLogValve.

EXAMPLE:

...
prefix="application_name_log" suffix=".txt"
pattern="%h %l %t %u "%r" %s %b" />
...
/>

Restart the Tomcat server:
sudo systemctl restart tomcat
sudo systemctl daemon-reload