STIGQter: STIG Summary: Application Server Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 23 Oct 2020:

The application server must alert the SA and ISSO, at a minimum, in the event of a log processing failure.

DISA Rule

SV-204728r508029_rule

Vulnerability Number

V-204728

Group Title

SRG-APP-000108

Rule Version

SRG-APP-000108-AS-000067

Severity

CAT II

CCI(s)

• CCI-000139 - The information system alerts designated organization-defined personnel or roles in the event of an audit processing failure.

Weight

10

Fix Recommendation

Configure the application server log feature to alert the SA and ISSO in the event of a log processing failure.

Check Contents

Review application server log configuration. Verify the application server sends alerts to the SA and ISSO in the event of a log processing failure.

If the application server is not configured to meet this requirement, this is a finding.

Vulnerability Number

V-204728

Documentable

False

Rule Version

SRG-APP-000108-AS-000067

Severity Override Guidance

Review application server log configuration. Verify the application server sends alerts to the SA and ISSO in the event of a log processing failure.

If the application server is not configured to meet this requirement, this is a finding.

Check Content Reference

M

Target Key

2900

Comments