STIGQter: STIG Summary: APACHE 2.2 Site for Windows Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 25 Jan 2019:

Log file data must contain required data elements.

DISA Rule

SV-28654r1_rule

Vulnerability Number

V-13688

Group Title

WG242

Rule Version

WG242 W22

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the web server to ensure the log file data includes the required data elements.

Check Contents

To verify the log settings:

Default Windows location: :\Program Files\Apache Group\Apache2\logs\access.log or :\Program Files\Apache Software Foundation\Apache2.2\logs\access.log.

If these directories do not exist, you can search the web server for the httpd.conf config file to determine the location of the logs.

Items to be logged are as shown in this sample line in the httpd.conf file:

LogFormat "%a %A %h %H %l %m %s %t %u %U \"%{Referer}i\" " combined

If the web server is not configured to capture the required audit events for all sites and virtual directories, this is a finding.

Vulnerability Number

V-13688

Documentable

False

Rule Version

WG242 W22

Severity Override Guidance

To verify the log settings:

Default Windows location: :\Program Files\Apache Group\Apache2\logs\access.log or :\Program Files\Apache Software Foundation\Apache2.2\logs\access.log.

If these directories do not exist, you can search the web server for the httpd.conf config file to determine the location of the logs.

Items to be logged are as shown in this sample line in the httpd.conf file:

LogFormat "%a %A %h %H %l %m %s %t %u %U \"%{Referer}i\" " combined

If the web server is not configured to capture the required audit events for all sites and virtual directories, this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

161

Comments