STIGQter STIGQter: STIG Summary: Oracle WebLogic Server 12c Security Technical Implementation Guide Version: 1 Release: 6 Benchmark Date: 26 Jul 2019: Oracle WebLogic must be integrated with a tool to monitor audit subsystem failure notification information that is sent out (e.g., the recipients of the message and the nature of the failure).

DISA Rule

SV-70637r1_rule

Vulnerability Number

V-56383

Group Title

SRG-APP-999999-AS-999999

Rule Version

WBLC-10-000270

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Install a tool, such as Oracle Diagnostics Framework, to monitor audit subsystem failure notification information.

Check Contents

Review the configuration of Oracle WebLogic to determine if a tool, such as Oracle Diagnostic Framework, is in place to monitor audit subsystem failure notification information that is sent out.

If a tool is not in place to monitor audit subsystem failure notification information that is sent, this is a finding.

Vulnerability Number

V-56383

Documentable

False

Rule Version

WBLC-10-000270

Severity Override Guidance

Review the configuration of Oracle WebLogic to determine if a tool, such as Oracle Diagnostic Framework, is in place to monitor audit subsystem failure notification information that is sent out.

If a tool is not in place to monitor audit subsystem failure notification information that is sent, this is a finding.

Check Content Reference

M

Target Key

2545

Comments