The WebSphere Application Server security auditing must be enabled.

An XCCDF Rule

Description

<VulnDiscussion>Security auditing will not be performed unless the audit security subsystem has been enabled. Global security must be enabled for the security audit subsystem to function, as no security auditing occurs if global security is not also enabled. Enable global security before enabling security auditing. Satisfies: SRG-APP-000016-AS-000013, SRG-APP-000343-AS-000030, SRG-APP-000080-AS-000045, SRG-APP-000092-AS-000053, SRG-APP-000266-AS-000168, SRG-APP-000267-AS-000170</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-95917r1_rule
Severity: Medium
References: CCI-000067 CCI-000166 CCI-001312 CCI-001314 CCI-001464 CCI-002234
Updated: about 1 year ago

In the administrative console, navigate to Security >> Security auditing to enable.

Restart the DMGR and all the JVMs.

The WebSphere Application Server security auditing must be enabled.

Description

Remediation - Manual Procedure