UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

VAMI must produce log records containing sufficient information to establish what type of events occurred.


Overview

Finding ID Version Rule ID IA Controls Severity
V-239720 VCLD-67-000006 SV-239720r679270_rule Medium
Description
After a security incident has occurred, investigators will often review log files to determine what happened. Understanding what type of event occurred is critical for investigation of a suspicious event. Satisfies: SRG-APP-000095-WSR-000056, SRG-APP-000096-WSR-000057, SRG-APP-000097-WSR-000058, SRG-APP-000098-WSR-000059, SRG-APP-000099-WSR-000061, SRG-APP-000100-WSR-000064, SRG-APP-000374-WSR-000172, SRG-APP-000375-WSR-000171
STIG Date
VMware vSphere 6.7 VAMI-lighttpd Security Technical Implementation Guide 2021-04-15

Details

Check Text ( C-42953r679268_chk )
At the command prompt, execute the following command:

# grep "^accesslog.format" /opt/vmware/etc/lighttpd/lighttpd.conf

The default commented, accesslog format is acceptable for this requirement. No output should be returned.

If the command returns any output, this is a finding.
Fix Text (F-42912r679269_fix)
Navigate to and open /opt/vmware/etc/lighttpd/lighttpd.conf.

Comment any existing accesslog.format lines by adding a "#" at the beginning of the line.