Documentation - V-204718

V-204718

Application Server Security Requirements Guide

CAT II

Title

The application server must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which logable events are to be logged.

Description

<VulnDiscussion>Log records can be generated from various components within the application server, (e.g., httpd, beans, etc.) From an application perspective, certain specific application functionalities may be logged, as well. The list of logged events is the set of events for which logs are to be generated. This set of events is typically a subset of the list of all events for which the system is capable of generating log records (e.g., logable events, time stamps, source and destination add...

Fix Text (Documentation Requirement)

Configure the application server to only allow the ISSM (or individuals or roles appointed by the ISSM) to change logable events.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel