V-204720
SV-204720r960888_rule
CAT II
The application server must initiate session logging upon startup.
From: Application Server Security Requirements Guide (V4R4)
Description
<VulnDiscussion>Session logging activities are developed, integrated, and used in consultation with legal counsel in accordance with applicable federal laws, Executive Orders, directives, policies, or regulations.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
Check Procedure
Review the application server product documentation and server configuration to determine if the application server initiates session logging on application server startup.
If the application server is not configured to meet this requirement, this is a finding.
Fix Text
Configure the application server to initiate session logging on application server startup.
CCI Reference
CCI-001464- Created
- 2026-04-07 20:08:11
- Last Updated
- 2026-04-07 20:08:11