STIGQter: STIG Summary: Oracle WebLogic Server 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: Oracle WebLogic Server 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:SV-235935r628583_rule
V-235935
SRG-APP-000504-AS-000229
WBLC-01-000030
CAT II
10
1. Access EM
2. Select the domain from the navigation tree, and use the dropdown to select 'WebLogic Domain' -> 'Security' -> 'Audit Policy'
3. Select 'Oracle Platform Security Services' from the 'Audit Component Name' dropdown
4. Beneath 'Audit Policy Settings' section, enter the comma-delimited list of privileged users (e.g., WebLogic, etc.) in the 'Users to Always Audit' field. Click 'Apply'
1. Access EM
2. Select the domain from the navigation tree, and use the dropdown to select 'WebLogic Domain' -> 'Security' -> 'Audit Policy'
3. Select 'Oracle Platform Security Services' from the 'Audit Component Name' dropdown
4. Beneath 'Audit Policy Settings' section, ensure that the comma-delimited list of privileged users (e.g., WebLogic, etc.) is set in the 'Users to Always Audit' field
If all privileged users are not listed in the 'Users to Always Audit' field, this is a finding.
V-235935
False
WBLC-01-000030
1. Access EM
2. Select the domain from the navigation tree, and use the dropdown to select 'WebLogic Domain' -> 'Security' -> 'Audit Policy'
3. Select 'Oracle Platform Security Services' from the 'Audit Component Name' dropdown
4. Beneath 'Audit Policy Settings' section, ensure that the comma-delimited list of privileged users (e.g., WebLogic, etc.) is set in the 'Users to Always Audit' field
If all privileged users are not listed in the 'Users to Always Audit' field, this is a finding.
M
5282