STIGQter STIGQter: STIG Summary: VMware vRealize Automation 7.x tc Server Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

tc Server VCO must record time stamps for log records to a minimum granularity of one second.

DISA Rule

SV-100783r1_rule

Vulnerability Number

V-90133

Group Title

SRG-APP-000375-WSR-000171

Rule Version

VRAU-TC-000780

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Navigate to and open /etc/vco/app-server/server.xml.

Navigate to the <Valve className="org.apache.catalina.valves.AccessLogValve"> node.

Set the "pattern" setting with "%h %l %u %t &quot;%r&quot; %s %b".

Note: The <Valve> node should be configured per the following:

<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs"
pattern="%h %l %u %t &quot;%r&quot; %s %b"
prefix="localhost_access_log."
suffix=".txt"/>

Check Contents

At the command prompt, execute the following command:

tail /storage/log/vmware/vco/app-server/localhost_access_log.txt

If the timestamp does not contain a minimum granularity of one second, this is a finding.

Note: In Common Log Format, a timestamp will look like [06/Feb/2016:23:12:57 +0000]. The "57" part is the "seconds" part of the timestamp.

Vulnerability Number

V-90133

Documentable

False

Rule Version

VRAU-TC-000780

Severity Override Guidance

At the command prompt, execute the following command:

tail /storage/log/vmware/vco/app-server/localhost_access_log.txt

If the timestamp does not contain a minimum granularity of one second, this is a finding.

Note: In Common Log Format, a timestamp will look like [06/Feb/2016:23:12:57 +0000]. The "57" part is the "seconds" part of the timestamp.

Check Content Reference

M

Target Key

3439

Comments