From Oracle WebLogic Server 12c Security Technical Implementation Guide
Part of SRG-APP-000063-AS-000030
Associated with: CCI-000040
In order to be able to provide a forensic history of activity, the application server must ensure users who are granted a privileged role or those who utilize a separate distinct account when accessing privileged functions or data have their actions logged.
1. Access EM 2. Select the domain from the navigation tree, and use the dropdown to select 'WebLogic Domain' -> 'Security' -> 'Audit Policy' 3. Select 'Oracle Platform Security Services' from the 'Audit Component Name' dropdown 4. Beneath 'Audit Policy Settings' section, ensure that the comma-delimited list of privileged users (e.g., WebLogic, etc.) is set in the 'Users to Always Audit' field If all privileged users are not listed in the 'Users to Always Audit' field, this is a finding.
1. Access EM 2. Select the domain from the navigation tree, and use the dropdown to select 'WebLogic Domain' -> 'Security' -> 'Audit Policy' 3. Select 'Oracle Platform Security Services' from the 'Audit Component Name' dropdown 4. Beneath 'Audit Policy Settings' section, enter the comma-delimited list of privileged users (e.g., WebLogic, etc.) in the 'Users to Always Audit' field. Click 'Apply'
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer