From VMW vRealize Automation 7.x HA Proxy Security Technical Implementation Guide
Part of SRG-APP-000108-WSR-000166
Associated with: CCI-000139
An accurate and current audit trail is essential for maintaining a record of system activity. If the logging system fails, the SA must be notified and must take prompt action to correct the problem. Minimally, the system must log this event and the SA will receive this notification during the daily system log review. If feasible, active alerting (such as e-mail or paging) should be employed consistent with the site's established operations management systems and procedures.
Interview the ISSO. Determine if logging failure events are monitored, and warnings provided to the ISSO. If logging failure events do not provide warnings in accordance with organization policies, this is a finding. If alerts are not sent or the web server is not configured to use a dedicated logging tool that meets this requirement, this is a finding.
Ensure logging failures result in warnings to the ISSO and SA at a minimum.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer