STIGQter: STIG Summary: VMW vRealize Automation 7.x vIDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

vIDM must be configured to log activity to the horizon.log file.

DISA Rule

SV-100933r1_rule

Vulnerability Number

V-90283

Group Title

SRG-APP-000016-AS-000013

Rule Version

VRAU-VI-000020

Severity

CAT II

CCI(s)

• CCI-000067 - The information system monitors remote access methods.

Weight

10

Fix Recommendation

Navigate to and open /usr/local/horizon/conf/saas-log4j.properties.

Configure the vIDM policy log file with the following lines:

log4j.appender.rollingFile=org.apache.log4j.RollingFileAppender
log4j.appender.rollingFile.MaxFileSize=50MB
log4j.appender.rollingFile.MaxBackupIndex=7
log4j.appender.rollingFile.Encoding=UTF-8
log4j.appender.rollingFile.file=/opt/vmware/horizon/workspace/logs/horizon.log
log4j.appender.rollingFile.append=true
log4j.appender.rollingFile.layout=org.apache.log4j.PatternLayout
log4j.appender.rollingFile.layout.ConversionPattern=%d{ISO8601} %-5p (%t) [%X{orgId};%X{userId};%X{ip}] %c - %m%n

Check Contents

At the command prompt, execute the following command:

grep log4j.appender.rollingFile.file /usr/local/horizon/conf/saas-log4j.properties

If the "log4j.appender.rollingFile.file" is not set to "/opt/vmware/horizon/workspace/logs/horizon.log" or is commented out or is missing, this is a finding.

Vulnerability Number

V-90283

Documentable

False

Rule Version

VRAU-VI-000020

Severity Override Guidance

At the command prompt, execute the following command:

grep log4j.appender.rollingFile.file /usr/local/horizon/conf/saas-log4j.properties

If the "log4j.appender.rollingFile.file" is not set to "/opt/vmware/horizon/workspace/logs/horizon.log" or is commented out or is missing, this is a finding.

Check Content Reference

M

Target Key

3451

Comments