The WebSphere Liberty Server must allocate JVM log record storage capacity in accordance with organization-defined log record storage requirements.

An XCCDF Rule

Description

<VulnDiscussion>JVM logs are logs used to store application and runtime related events, rather than audit related events. They are mainly used to diagnose application or runtime bugs. However, they are useful for providing more context when correlated with audit related events. By default, Liberty automatically logs the console.log, messages.log, and trace.log but these default settings must be validated.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-250343r850901_rule
Severity: Medium
References: CCI-001849
Updated: about 1 year ago

Edit the bootstrap.properties file and configure the  com.ibm.ws.logging.console.log.level=ON. 

Edit the ${server.config.dir}/server.xml file. Configure <logging traceSpecification> in accordance with local policy and system storage limits.

EXAMPLE:
<logging traceSpecification="*=info=enabled:my.package.*=all" maxFileSize="40" maxFiles="20"/>, 
where maxFileSize is set to the maximum file size defined in local policy and maxFiles is set to the maximum number of historical files defined in local policy and in accordance with system storage limits.

The WebSphere Liberty Server must allocate JVM log record storage capacity in accordance with organization-defined log record storage requirements.

Description

Remediation - Manual Procedure