UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The application server must ensure remote sessions for accessing security functions and security-relevant information are logged.


Overview

Finding ID Version Rule ID IA Controls Severity
V-57411 SRG-APP-000016-AS-000013 SV-71683r1_rule Medium
Description
Logging must be utilized in order to track system activity, assist in diagnosing system issues, and provide evidence needed for forensic investigations post security incident. Remote access by administrators requires that the admin activity be logged. Application servers provide a web and command line-based remote management capability for managing the application server. Application servers must ensure that all actions related to administrative functionality such as application server configuration are logged.
STIG Date
Application Server Security Requirements Guide 2014-12-12

Details

Check Text ( C-58085r1_chk )
Review the application server product documentation to determine if the application server logs remote administrative sessions.

If the application server does not log remote sessions for the admin user, then this is a finding.
Fix Text (F-62449r1_fix)
Configure the application server to log an event for each instance when the administrator accesses the system remotely.