WG242 - Log file data does not include the required data elements. - 'Logging Properties Set Correctly'

Information

Vulnerability Key: V0013688
IA Controls: ECAR-1 Audit Record Content, ECAR-2 Audit Record Content, ECAR-3 Audit Record Content
Categories: 10.2 Content Configuration
Severity: Category II
Ref: WEB SERVER SECURITY TECHNICAL IMPLEMENTATION GUIDE Section 3.7.1
A major tool in exploring the web site use, attempted use, unusual conditions and problems are
reported in the access and error logs. In the event of a security incident, these logs can provide the SA
and Web Manager with valuable information. Without these log files, SAs and Web Managers are
seriously hindered in their effort to respond appropriately to suspicious or criminal actions targeted at
the web site.
Review the found shares and ensure the web content directories are not being shared.

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-3, CSCv6|6.2

Plugin: Windows

Control ID: c4bfc3178c05413d54f281c615d77b9d0dbb491206da63dfe7b856126a06217b