STIGQter: STIG Summary: Application Server Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 23 Oct 2020:

The application server must record time stamps for log records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT).

DISA Rule

SV-204794r508029_rule

Vulnerability Number

V-204794

Group Title

SRG-APP-000374

Rule Version

SRG-APP-000374-AS-000210

Severity

CAT II

CCI(s)

• CCI-001890 - The information system records time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT).

Weight

10

Fix Recommendation

Configure the application server to use time stamps for log records that can easily be mapped to UTC or GMT.

Check Contents

Review the application server documentation and configuration files to determine if time stamps for log records can be mapped to UTC or GMT.

If the time stamp cannot be mapped to UTC or GMT, this is a finding.

Vulnerability Number

V-204794

Documentable

False

Rule Version

SRG-APP-000374-AS-000210

Severity Override Guidance

Review the application server documentation and configuration files to determine if time stamps for log records can be mapped to UTC or GMT.

If the time stamp cannot be mapped to UTC or GMT, this is a finding.

Check Content Reference

M

Target Key

2900

Comments