Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
JBoss log records must be off-loaded onto a different system or system component a minimum of every seven days.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-62257 | JBOS-AS-000195 | SV-76747r1_rule | Medium |
| Description |
|---|
| JBoss logs by default are written to the local file system. A centralized logging solution like syslog should be used whenever possible; however, any log data stored to the file system needs to be off-loaded. JBoss EAP does not provide an automated backup capability. Instead, reliance is placed on OS or third-party tools to back up or off-load the log files. Protection of log data includes assuring log data is not accidentally lost or deleted. Off-loading log records to a different system or onto separate media from the system the application server is actually running on helps to assure that, in the event of a catastrophic system failure, the log records will be retained. |
| STIG | Date |
|---|---|
| JBoss EAP 6.3 Security Technical Implementation Guide | 2015-11-09 |
Details
| Check Text ( C-63061r1_chk ) |
|---|
| Interview the system admin and obtain details on how the log files are being off-loaded to a different system or media. If the log files are not off-loaded a minimum of every 7 days, this is a finding. |
| Fix Text (F-68177r1_fix) |
|---|
| Configure the application server to off-load log records every seven days onto a different system or media from the system being logged. |