STIGQter STIGQter: STIG Summary: vRealize - Cassandra Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017:

The Cassandra database must produce audit records containing time stamps to establish when the events occurred.

DISA Rule

SV-87267r1_rule

Vulnerability Number

V-72635

Group Title

SRG-APP-000096-DB-000040

Rule Version

VROM-CS-000045

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Cassandra Server to produce audit records containing time stamps to establish when the events occurred.

Navigate to and open /usr/lib/vmware-vcops/user/conf/cassandra/logback.xml.

Navigate to the <appender> node with the name="FILE" attribute.

Navigate to <encoder> node.

Edit the <pattern> to look like the below.
<pattern>%-5level [%thread] %date{ISO8601, UTC} %F:%L - %msg%n</pattern>

Check Contents

Review the Cassandra Server setting to ensure audit records containing time stamps to establish when the events occurred are produced.

Navigate to and open /usr/lib/vmware-vcops/user/conf/cassandra/logback.xml.

Navigate to the <appender> node with the name="FILE" attribute.

Navigate to <encoder> node.

If the <pattern> node does not look like the expected result, this is a finding.

Expected result:
<pattern>%-5level [%thread] %date{ISO8601, UTC} %F:%L - %msg%n</pattern>

Vulnerability Number

V-72635

Documentable

False

Rule Version

VROM-CS-000045

Severity Override Guidance

Review the Cassandra Server setting to ensure audit records containing time stamps to establish when the events occurred are produced.

Navigate to and open /usr/lib/vmware-vcops/user/conf/cassandra/logback.xml.

Navigate to the <appender> node with the name="FILE" attribute.

Navigate to <encoder> node.

If the <pattern> node does not look like the expected result, this is a finding.

Expected result:
<pattern>%-5level [%thread] %date{ISO8601, UTC} %F:%L - %msg%n</pattern>

Check Content Reference

M

Target Key

3179

Comments