Check: APSC-DV-000850
Application Security and Development STIG: APSC-DV-000850 (in versions v5 r3 through v4 r2)
Title
The application must generate audit records showing starting and ending time for user access to the system. (Cat II impact)
Discussion
Knowing when a user’s application session began and when it ended is critical information that aids in forensic analysis.
Check Content
Review and monitor the application logs. Initiate a user session and observe if the log includes a time stamp showing the start of the session. Terminate the user session and observe if the log includes a time stamp showing the end of the session. If the start and the end time of the session are not recorded in the logs, this is a finding.
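The check above can be partly automated by pairing session start and end records in an exported log. The following is an added example, not part of the STIG: the record format, the event names `SESSION_START`/`SESSION_END`, and the function names are assumptions made for illustration.

```python
import re
from datetime import datetime

# Assumed record format (constructed for this example, not defined by the STIG):
#   <ISO-8601 time> event=<SESSION_START|SESSION_END> user=<name> session=<id>
LINE_RE = re.compile(r"^(?P<ts>\S+)\s+event=(?P<event>SESSION_START|SESSION_END)"
                     r"\s+user=\S+\s+session=(?P<sid>\S+)$")

def parse_ts(value):
    """Return an offset-aware datetime, or None if the time stamp is unusable."""
    try:
        ts = datetime.fromisoformat(value.replace("Z", "+00:00"))
    except ValueError:
        return None
    return ts if ts.tzinfo is not None else None  # require an explicit UTC offset

def find_session_gaps(lines):
    """Map session id -> finding; sessions with a valid start and end are omitted."""
    sessions = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a session audit record
        rec = sessions.setdefault(m["sid"], {"start": None, "end": None})
        ts = parse_ts(m["ts"])
        if ts is not None:  # a record without a usable time stamp does not count
            rec["start" if m["event"] == "SESSION_START" else "end"] = ts
    findings = {}
    for sid, rec in sessions.items():
        if rec["start"] is None:
            findings[sid] = "no usable start time stamp"
        elif rec["end"] is None:
            findings[sid] = "no usable end time stamp (or session still open)"
        elif rec["end"] < rec["start"]:
            findings[sid] = "end time precedes start time"
    return findings

# Constructed sample log: s1 is complete, s2 to s5 each show one failure mode.
SAMPLE_LOG = """\
2024-05-01T09:00:00Z event=SESSION_START user=alice session=s1
2024-05-01T09:30:00Z event=SESSION_END user=alice session=s1
2024-05-01T10:00:00Z event=SESSION_START user=bob session=s2
2024-05-01T11:00:00Z event=SESSION_END user=carol session=s3
2024-05-01T12:00:00Z event=SESSION_START user=dave session=s4
2024-05-01T11:59:00Z event=SESSION_END user=dave session=s4
- event=SESSION_START user=erin session=s5
2024-05-01T13:30:00Z event=SESSION_END user=erin session=s5
""".splitlines()
```

A session reported with no end time stamp may simply still be active when the log was exported, so confirm it against the test session that was deliberately terminated.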
Fix Text
Configure the application or application server to record the start and end time of user session activity.
Additional Identifiers
Rule ID: SV-222464r879876_rule
Vulnerability ID: V-222464
Group Title: SRG-APP-000505
CCIs
Number | Definition |
---|---|
CCI-000172 | The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3. |
Controls
Number | Title |
---|---|
AU-12 | Audit Generation |