STIGQter: STIG Summary: VMware vRealize Automation 7.x tc Server Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

tc Server HORIZON must generate log records for user access and authentication events.

DISA Rule

SV-100569r1_rule

Vulnerability Number

V-89919

Group Title

SRG-APP-000089-WSR-000047

Rule Version

VRAU-TC-000110

Severity

CAT II

CCI(s)

CCI-000169 - The information system provides audit record generation capability for the auditable events defined in AU-2 a. at organization-defined information system components.

Weight

Fix Recommendation

Navigate to and open /opt/vmware/horizon/workspace/conf/server.xml.

Navigate to and locate <Host>.

Configure the <Host> node with the <AccessLogValve> below.

Note: The "AccessLogValve" should be configured as follows:
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs"
pattern="%h %l %u %t "%r" %s %b"
prefix="localhost_access_log."
suffix=".txt"/>

Check Contents

Navigate to and open /opt/vmware/horizon/workspace/conf/server.xml.

Navigate to the <Host> node.

Verify that the node contains a <Valve className="org.apache.catalina.valves.AccessLogValve"> node.

If an "AccessLogValve" is not configured correctly or is missing, this is a finding.

Note: The "AccessLogValve" should be configured as follows:

<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs"
pattern="%h %l %u %t "%r" %s %b"
prefix="access_log"
suffix=".txt"
rotatable="false"
requestAttributesEnabled="true"
checkExists="true"/>

tc Server HORIZON must generate log records for user access and authentication events.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments