Documentation - V-222475

V-222475

Application Security and Development Security Technical Implementation Guide

CAT II

Title

When using centralized logging; the application must include a unique identifier in order to distinguish itself from other application logs.

Description

<VulnDiscussion>Without establishing the source, it is impossible to establish, correlate, and investigate the events leading up to an outage or attack. In the case of centralized logging, or other instances where log files are consolidated, there is risk that the application's log data could be co-mingled with other log data. To address this issue, the application itself must be identified as well as the application host or client name. In order to compile an accurate risk assessment, and p...

Fix Text (Documentation Requirement)

Configure the application logs or the centralized log storage facility so the application name and the hosts hosting the application are uniquely identified in the logs.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel