STIGQter STIGQter: STIG Summary: Application Security and Development Security Technical Implementation Guide Version: 5 Release: 1 Benchmark Date: 23 Oct 2020:

The application must log application shutdown events.

DISA Rule

SV-222469r508029_rule

Vulnerability Number

V-222469

Group Title

SRG-APP-000095

Rule Version

APSC-DV-000940

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the application or application server to record application shutdown events in the event logs.

Check Contents

Review and monitor the application and system logs.

If an application shutdown event is not recorded in the logs, either initiate a shutdown event and review the logs after reestablishing access or request backup copies of the application or system logs that indicate shutdown events are being recorded.

Alternatively, check for a setting within the application that controls application logging events and determine if application shutdown logging is configured.

If the application is not recording application shutdown events in either the application or system log, or if the application is not configured to record shutdown events, this is a finding.

Vulnerability Number

V-222469

Documentable

False

Rule Version

APSC-DV-000940

Severity Override Guidance

Review and monitor the application and system logs.

If an application shutdown event is not recorded in the logs, either initiate a shutdown event and review the logs after reestablishing access or request backup copies of the application or system logs that indicate shutdown events are being recorded.

Alternatively, check for a setting within the application that controls application logging events and determine if application shutdown logging is configured.

If the application is not recording application shutdown events in either the application or system log, or if the application is not configured to record shutdown events, this is a finding.

Check Content Reference

M

Target Key

4093

Comments