Documentation - V-206365

V-206365

Web Server Security Requirements Guide

CAT II

Title

The web server must produce log records containing sufficient information to establish the identity of any user/subject or process associated with an event.

Description

<VulnDiscussion>Web server logging capability is critical for accurate forensic analysis. Without sufficient and accurate information, a correct replay of the events cannot be determined. Determining user accounts, processes running on behalf of the user, and running process identifiers also enable a better understanding of the overall event. User tool identification is also helpful to determine if events are related to overall user access or specific client tools. Log record content that may ...

Fix Text (Documentation Requirement)

Configure the web server to include the user/subject identity or process as part of each log record.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel