WG240 IIS7 - Web-site logging must be enabled.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

A major tool in exploring the web site use, attempted use, unusual conditions, and problems are reported in the access and error logs. In the event of a security incident, these logs can provide the SA and the web manager with valuable information.

Solution

1. Open the IIS Manager.
2. Click the site name.
3. Double-click Logging.
4. Click the Enable option from the Action Pane, click apply.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_IIS_7-0_STIG.zip

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-12, CAT|II, Rule-ID|SV-32636r2_rule, STIG-ID|WG240_IIS7, Vuln-ID|V-2250

Plugin: Windows

Control ID: 9df0d0e34c42edaddc751d53be8f2caef22ef9ba3a61faae00b12aeb6535544d