tc Server ALL log files must be moved to a permanent repository in accordance with site policy.

From VMware vRealize Operations Manager 6.x tc Server Security Technical Implementation Guide

Associated with: CCI-001851

SV-99689r1_rule tc Server ALL log files must be moved to a permanent repository in accordance with site policy.

Vulnerability discussion

A web server will typically utilize logging mechanisms for maintaining a historical log of activity that occurs within a hosted application. This information can then be used for diagnostic purposes, forensics purposes, or other purposes relevant to ensuring the availability and integrity of the hosted application.Log files must be periodically moved from the web server to a permanent storage location. This serves two beneficial purposes. First, the web server's resources are freed up for productions. Also, this ensures that the site has, and enforces, policies designed to preserve the integrity of historical logs.

Check content

Obtain supporting documentation from the ISSO. Review the site policy for moving log files from the web server to a permanent repository. Ensure that log files are being moved from the web server in accordance with the site policy. If the site does not have a policy for periodically moving log files to an archive repository or such policy is not being enforced, this is a finding.

Fix text

Develop and enforce a site policy for moving log files periodically from the web server to a permanent repository in accordance with site retention policies.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.