OHS must have the RewriteLog directive set properly.
An XCCDF Rule
Description
Specifying where the log files are written gives the system administrator the capability to store the files in a location other than the default, with system files or in a globally accessible location. The system administrator can also specify a location that is accessible by any enterprise tools that may use the logged data to give a picture of the overall enterprise security posture. If a file is not specified, OHS will still generate the log data, but it is not written and therefore, cannot be used to monitor the system or for forensic analysis.
- ID
- SV-221444r879887_rule
- Version
- OH12-1X-000206
- Severity
- Low
- References
- Updated
Remediation Templates
A Manual Procedure
1. As required, open $DOMAIN_HOME/config/fmwconfig/components/OHS/<componentName>/httpd.conf and every .conf file (e.g., ssl.conf) included in it with an editor that contains a "<VirtualHost>" directive.
2. Search for the "RewriteLog" directive at the OHS server and virtual host configuration scopes.
3. Set the "RewriteLog" directive to the same location as the "CustomLog" directive; add the directive if it does not exist unless inherited from a larger scope.