Check: TOMCAT-000092-AS-000053
Apache Tomcat Application Server STIG - Xylok Custom: TOMCAT-000092-AS-000053 (in version v1 r1.1)
Title
The Tomcat server must initiate session logging upon startup. (Cat II impact)
Discussion
Session logging activities are developed, integrated, and used in consultation with legal counsel in accordance with applicable federal laws, Executive Orders, directives, policies, or regulations.
Check Content
Review the logging.properties file for session logging to determine whether the server generates log records at startup. The following lines are an example of session logging enabled (note: these are example lines):

    1catalina.org.apache.juli.FileHandler.level = FINE
    1catalina.org.apache.juli.FileHandler.directory = ${catalina.base}/logs
    1catalina.org.apache.juli.FileHandler.prefix = catalina
    1catalina.org.apache.juli.FileHandler.rotatable = false
    2localhost.org.apache.juli.FileHandler.level = FINE
    2localhost.org.apache.juli.FileHandler.directory = ${catalina.base}/logs
    2localhost.org.apache.juli.FileHandler.prefix = localhost
    2localhost.org.apache.juli.FileHandler.rotatable = false

If these lines do not exist or are commented out, this is a finding.
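An added example (not part of the STIG or of Tomcat): a Python sketch of the review above that parses logging.properties text and reports handler lines that are absent or commented out. Treating the handler names and properties from the example lines as required is an assumption, as are the function names and the constructed sample input.

```python
import re

# Assumption: the handler names and properties from the check's example lines
# are treated as required. AsyncFileHandler is accepted too (also an assumption).
HANDLERS = ("1catalina", "2localhost")
PROPS = ("level", "directory", "prefix", "rotatable")
KEY_RE = re.compile(r"^([\w-]+)\.org\.apache\.juli\.(?:Async)?FileHandler\.(\w+)$")

# Constructed sample: the 2localhost level line is commented out.
SAMPLE = """\
1catalina.org.apache.juli.FileHandler.level = FINE
1catalina.org.apache.juli.FileHandler.directory = ${catalina.base}/logs
1catalina.org.apache.juli.FileHandler.prefix = catalina
1catalina.org.apache.juli.FileHandler.rotatable = false
#2localhost.org.apache.juli.FileHandler.level = FINE
2localhost.org.apache.juli.FileHandler.directory = ${catalina.base}/logs
2localhost.org.apache.juli.FileHandler.prefix = localhost
2localhost.org.apache.juli.FileHandler.rotatable = false
"""

def active_settings(text):
    """Map handler name -> {property: value} for uncommented handler lines."""
    found = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":  # blank line or properties comment
            continue
        key, sep, value = line.partition("=")  # only 'key = value' form handled
        m = KEY_RE.match(key.strip())
        if sep and m:
            found.setdefault(m.group(1), {})[m.group(2)] = value.strip()
    return found

def findings(text):
    """Return one message per expected handler with absent or commented lines."""
    active = active_settings(text)
    out = []
    for handler in HANDLERS:
        missing = [p for p in PROPS if p not in active.get(handler, {})]
        if missing:
            out.append(f"{handler}: missing or commented out: {', '.join(missing)}")
    return out

if __name__ == "__main__":
    for msg in findings(SAMPLE) or ["no finding"]:
        print(msg)
```

To run it against a real server, pass the contents of the server's logging.properties file to `findings()`; an empty list means no finding under the assumptions above.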
Fix Text
Configure the application server to initiate session logging on application server startup.
Additional Identifiers
Rule ID: SV-46435r3_rule
Vulnerability ID: V-35148
Group Title:
CCIs
Number | Definition |
---|---|
CCI-001464 | The information system initiates session audits at system start-up. |
Controls
Number | Title |
---|---|
AU-14 (1) | System Start-Up |