Skip to content
Catalogs
XCCDF
IBM WebSphere Traditional V9.x Security Technical Implementation Guide
SRG-APP-000357-AS-000038
The WebSphere Application Server must allocate audit log record storage capacity in accordance with organization-defined log record storage requirements.
The WebSphere Application Server must allocate audit log record storage capacity in accordance with organization-defined log record storage requirements. An XCCDF Rule
The WebSphere Application Server must allocate audit log record storage capacity in accordance with organization-defined log record storage requirements.
Medium Severity
<VulnDiscussion>The proper management of log records not only dictates proper archiving processes and procedures be established, it also requires allocating enough storage space to maintain the logs online for a defined period of time.
If adequate online log storage capacity is not maintained, intrusion monitoring, security investigations, and forensic analysis can be negatively affected.
It is important to keep a defined amount of logs online and readily available for investigative purposes. The logs may be stored on the application server until they can be archived to a log system or, in some instances, a Storage Area Networks (SAN). Regardless of the method used, log record storage capacity must be sufficient to store log data when the data cannot be offloaded to a log system or SAN.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>