Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
tc Server HORIZON must record time stamps for log records to a minimum granularity of one second.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-240851 | VRAU-TC-000775 | SV-240851r879748_rule | Medium |
| Description |
|---|
| Without sufficient granularity of time stamps, it is not possible to adequately determine the chronological order of records. Time stamps generated by the web server include date and time and must be to a granularity of one second. Like all web servers, tc Server logs can be configured to produce a Common Log Format (CLF). The tc Server component known as an AccessLogValve, which represents a component that can be inserted into the request processing pipeline to capture user interaction. The Access Log Valve should be configured to ensure that investigators have sufficient information to conduct an appropriate audit. |
| STIG | Date |
|---|---|
| VMware vRealize Automation 7.x tc Server Security Technical Implementation Guide | 2023-10-03 |
Details
| Check Text ( C-44084r854859_chk ) |
|---|
| At the command prompt, execute the following command: tail /storage/log/vmware/horizon/localhost_access_log.YYYY-MM-dd.txt If the timestamp does not contain a minimum granularity of one second, this is a finding. Note: Substitute the actual date in the file name. Note: In Common Log Format, a timestamp will look like [06/Feb/2016:23:12:57 +0000]. The "57" part is the "seconds" part of the timestamp. |
| Fix Text (F-44043r674296_fix) |
|---|
| Navigate to and open /opt/vmware/horizon/workspace/conf/server.xml. Navigate to the Set the 'pattern' setting with "%h %l %u %t "%r" %s %b". Note: The pattern="%h %l %u %t "%r" %s %b" prefix="localhost_access_log." suffix=".txt"/> |