Skip to content

The WebSphere Liberty Server must allocate JVM log record storage capacity in accordance with organization-defined log record storage requirements.

An XCCDF Rule

Description

<VulnDiscussion>JVM logs are logs used to store application and runtime related events, rather than audit related events. They are mainly used to diagnose application or runtime bugs. However, they are useful for providing more context when correlated with audit related events. By default, Liberty automatically logs the console.log, messages.log, and trace.log but these default settings must be validated.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-250343r961392_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Edit the bootstrap.properties file and configure the  com.ibm.ws.logging.console.log.level=ON. 

Edit the ${server.config.dir}/server.xml file. Configure <logging traceSpecification> in accordance with local policy and system storage limits.

EXAMPLE:
<logging traceSpecification="*=info=enabled:my.package.*=all" maxFileSize="40" maxFiles="20"/>,