JBoss must be configured to produce log records that establish which hosted application triggered the events.

From JBoss EAP 6.3 Security Technical Implementation Guide

Part of SRG-APP-000097-AS-000060

Associated with: CCI-000132

SV-76733r1_rule JBoss must be configured to produce log records that establish which hosted application triggered the events.

Vulnerability discussion

Application server logging capability is critical for accurate forensic analysis. Without sufficient and accurate information, a correct replay of the events cannot be determined. By default, no web logging is enabled in JBoss. Logging can be configured per web application or by virtual server. If web application logging is not set up, application activity will not be logged.

Ascertaining the correct location or process within the application server where the events occurred is important during forensic analysis. To determine where an event occurred, the log data must contain the application identity.

Check content

Application logs are a configurable variable. Interview the system admin, and have them identify the applications that are running on the application server. Have the system admin identify the log files/location where application activity is stored. Review the log files to ensure each application is uniquely identified within the logs or each application has its own unique log file. Generate application activity by either authenticating to the application or generating an auditable event, and ensure the application activity is recorded in the log file. Recently time-stamped application events are suitable evidence of compliance. If the log records do not indicate which application hosted on the application server generated the event, or if no events are recorded related to application activity, this is a finding.
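The review described above can be scripted once the log layout is known. The following is an added example, not part of the STIG: it assumes a record layout in which the formatter writes an `[app=<name>]` tag, and the application names, timestamps and one-hour recency window are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Assumed record layout (constructed for this example; the STIG mandates none):
#   2024-05-01 10:15:02,123 INFO  [app=payroll] [com.example.Login] (http-1) message
RECORD = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d),\d{3}\s+\w+\s+"
    r"(?:\[app=(?P<app>[^\]]*)\]\s+)?\["
)

# Constructed sample of an application activity log.
SAMPLE = """\
2024-05-01 10:15:02,123 INFO  [app=payroll] [com.example.Login] (http-1) User alice authenticated
2024-05-01 10:15:03,001 ERROR [com.example.Report] (http-2) Export failed
java.lang.IllegalStateException: no data
2024-05-01 09:00:00,000 INFO  [app=hr-portal] [com.example.Hr] (http-3) Session opened
""".splitlines()

DEPLOYED = {"payroll", "hr-portal", "wiki"}  # hypothetical names given by the admin
NOW = datetime(2024, 5, 1, 10, 30, 0)        # fixed so the example is repeatable


def audit(lines, deployed, now, max_age=timedelta(hours=1)):
    """Return the two finding conditions from the check text:
    records that do not identify a deployed application, and
    deployed applications with no recently time-stamped event."""
    last_seen, unattributed = {}, []
    for lineno, line in enumerate(lines, 1):
        m = RECORD.match(line)
        if not m:
            continue  # continuation line (stack trace), not a record header
        app = m.group("app")
        if not app or app not in deployed:
            unattributed.append(lineno)  # missing or unknown application identity
            continue
        ts = datetime.strptime(m.group("ts"), "%Y-%m-%d %H:%M:%S")
        last_seen[app] = max(ts, last_seen.get(app, ts))
    silent = sorted(a for a in deployed
                    if a not in last_seen or now - last_seen[a] > max_age)
    return {"unattributed_lines": unattributed,
            "apps_without_recent_events": silent}


if __name__ == "__main__":
    print(audit(SAMPLE, DEPLOYED, NOW))
```

Either list being non-empty corresponds to a finding condition in the check text; where each application has its own log file instead, run the recency half per file.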

Fix text

Configure the log formatter to audit application activity so that individual application activity can be identified.
