STIGQter: STIG Summary: Application Server Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 23 Oct 2020:

The application server must provide an immediate real-time alert to authorized users of all log failure events requiring real-time alerts.

DISA Rule

SV-204791r508029_rule

Vulnerability Number

V-204791

Group Title

SRG-APP-000360

Rule Version

SRG-APP-000360-AS-000066

Severity

CAT II

CCI(s)

• CCI-001858 - The information system provides a real-time alert in an organization-defined real-time period to organization-defined personnel, roles, and/or locations when organization-defined audit failure events requiring real-time alerts occur.

Weight

10

Fix Recommendation

Configure the application server to provide a real-time alert to authorized users when log failure events occur that require real-time alerts.

Check Contents

Review the configuration settings to determine if the application server log system provides a real-time alert to authorized users when log failure events occur requiring real-time alerts.

If designated alerts are not sent to authorized users, this is a finding.

Vulnerability Number

V-204791

Documentable

False

Rule Version

SRG-APP-000360-AS-000066

Severity Override Guidance

Review the configuration settings to determine if the application server log system provides a real-time alert to authorized users when log failure events occur requiring real-time alerts.

If designated alerts are not sent to authorized users, this is a finding.

Check Content Reference

M

Target Key

2900

Comments