UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The web server must not impede the ability to write specified log record content to an audit log server.


Overview

Finding ID Version Rule ID IA Controls Severity
V-55969 SRG-APP-000358-WSR-000063 SV-70223r2_rule Medium
Description
Writing events to a centralized management audit system offers many benefits to the enterprise over having dispersed logs. Centralized management of audit records and logs provides for efficiency in maintenance and management of records, enterprise analysis of events, and backup and archiving of event records enterprise-wide. The web server and related components are required to be capable of writing logs to centralized audit log servers.
STIG Date
Web Server Security Requirements Guide 2019-03-20

Details

Check Text ( C-56539r2_chk )
Review the web server documentation and deployment configuration to determine if the web server can write log data to, or if log data can be transferred to, a separate audit server.

Request a user access the hosted application and generate logable events and verify the data is written to a separate audit server.

If logs cannot be directly written or transferred on request or on a periodic schedule to an audit log server, this is a finding.
Fix Text (F-60847r1_fix)
Configure the web server to directly write or transfer the logs to a remote audit log server.