An error occurred:

Check: AS24-U1-000720

Apache Server 2.4 UNIX Server STIG: AS24-U1-000720 (in versions v3 r2 through v1 r1)

Title

The Apache web server must not impede the ability to write specified log record content to an audit log server. (Cat II impact)

Discussion

Writing events to a centralized management audit system offers many benefits to the enterprise over having dispersed logs. Centralized management of audit records and logs provides for efficiency in maintenance and management of records, enterprise analysis of events, and backup and archiving of event records enterprise-wide. The web server and related components are required to be capable of writing logs to centralized audit log servers.

Check Content

Work with SIEM administrator to determine audit configurations. If there is a setting within the SIEM that could impede the ability to write specific log record content, this is a finding.

Fix Text

Work with the SIEM administrator to allow the ability to write specified log record content to an audit log server.

Additional Identifiers

Rule ID: SV-214263r961395_rule

Vulnerability ID: V-214263

Group Title: SRG-APP-000358-WSR-000063

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001851

Transfer audit logs per organization-defined frequency to a different system, system component, or media than the system or system component conducting the logging.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AU-4(1)

Transfer to Alternate Storage