Check: AS24-U1-000710
Apache Server 2.4 UNIX Server STIG:
AS24-U1-000710
(in versions v2 r7 through v1 r1)
Title
The Apache web server must use a logging mechanism that is configured to allocate log record storage capacity large enough to accommodate the logging requirements of the Apache web server. (Cat II impact)
Discussion
To make certain that the logging mechanism used by the web server has sufficient storage capacity in which to write the logs, the logging mechanism needs to be able to allocate log record storage capacity. The task of allocating log record storage capacity is usually performed during initial installation of the logging mechanism. The System Administrator will usually coordinate the allocation of physical drive space with the Web Server Administrator along with the physical location of the partition and disk. Refer to NIST SP 800-92 for specific requirements on log rotation and storage dependent on the impact of the web server.
Check Content
Work with SIEM administrator to determine log storage capacity. If there is no setting within a SIEM to accommodate enough a large logging capacity, this is a finding.
Fix Text
Work with the SIEM administrator to determine if the SIEM is configured to allocate log record storage capacity large enough to accommodate the logging requirements of the Apache web server.
Additional Identifiers
Rule ID: SV-214262r879730_rule
Vulnerability ID: V-214262
Group Title: SRG-APP-000357-WSR-000150
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001849 |
The organization allocates audit record storage capacity in accordance with organization-defined audit record storage requirements. |
Controls
Number | Title |
---|---|
AU-4 |
Audit Storage Capacity |