UCF STIG Viewer Logo

The application server must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which logable events are to be logged.


Overview

Finding ID Version Rule ID IA Controls Severity
V-35142 SRG-APP-000090-AS-000051 SV-46429r3_rule Medium
Description
Log records can be generated from various components within the application server, (e.g., httpd, beans, etc.) From an application perspective, certain specific application functionalities may be logged, as well. The list of logged events is the set of events for which logs are to be generated. This set of events is typically a subset of the list of all events for which the system is capable of generating log records (e.g., logable events, time stamps, source and destination addresses, user/process identifiers, event descriptions, success/fail indications, filenames involved, and access control or flow control rules invoked). Application servers utilize role-based access controls in order to specify the individuals who are allowed to configure application component logable events. The application server must be configured to select which personnel are assigned the role of selecting which logable events are to be logged. The personnel or roles that can select logable events are only the ISSM (or individuals or roles appointed by the ISSM).
STIG Date
Application Server Security Requirements Guide 2019-01-07

Details

Check Text ( C-43529r2_chk )
Review application server product documentation and configuration to determine if the system only allows the ISSM (or individuals or roles appointed by the ISSM) to change logable events.

If the system is not configured to perform this function, this is a finding.
Fix Text (F-39693r2_fix)
Configure the application server to only allow the ISSM (or individuals or roles appointed by the ISSM) to change logable events.