From JBoss EAP 6.3 Security Technical Implementation Guide
Part of SRG-APP-000125-AS-000084
Associated with: CCI-001348
JBoss logs by default are written to the local file system. A centralized logging solution like syslog should be used whenever possible; however, any log data stored to the file system needs to be off-loaded. JBoss EAP does not provide an automated backup capability. Instead, reliance is placed on OS or third-party tools to back up or off-load the log files.
Interview the system admin and obtain details on how the log files are being off-loaded to a different system or media. If the log files are not off-loaded a minimum of every 7 days, this is a finding.
Configure the application server to off-load log records every seven days onto a different system or media from the system being logged.
Lavender hyperlinks in small type off to the right (of CSS
class id
, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle
or
Accept: application/rdf+xml
.
Powered by sagemincer