Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The application server must provide the capability for authorized users to capture, record, and log all content related to a user session.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-35150 | SRG-APP-000093-AS-000054 | SV-46437r3_rule | Medium |
| Description |
|---|
| The application server must be capable of enabling a setting for troubleshooting or debugging purposes which will log all user session information specified by an authorized user. |
| STIG | Date |
|---|---|
| Application Server Security Requirements Guide | 2018-09-13 |
Details
| Check Text ( C-43536r2_chk ) |
|---|
| Review the application server documentation to determine if the application server can be configured to capture/record and log all content related to a user session. If the application server does not have the capability to allow an authorized user to capture, record, and log all content related to a user session, this is a finding. |
| Fix Text (F-39700r2_fix) |
|---|
| Configure the application server to provide the capability for authorized users to capture, record, and log all content related to a user session. |