I - Mission Critical Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000099-AS-000062

    Group
  • Oracle WebLogic must produce audit records that contain sufficient information to establish the outcome (success or failure) of application server and application events.

    Information system auditing capability is critical for accurate forensic analysis. Audit record content that may be necessary to satisfy the requirement of this control includes, but is not limite...
    Rule Low Severity
  • SRG-APP-000100-AS-000063

    Group
  • Oracle WebLogic must produce audit records containing sufficient information to establish the identity of any user/subject or process associated with the event.

    Information system auditing capability is critical for accurate forensic analysis. Audit record content that may be necessary to satisfy the requirement of this control, includes: time stamps, sour...
    Rule Medium Severity
  • SRG-APP-000515-AS-000203

    Group
  • Oracle WebLogic must provide the ability to write specified audit record content to an audit log server.

    Information system auditing capability is critical for accurate forensic analysis. Audit record content that may be necessary to satisfy the requirement of this control includes, but is not limite...
    Rule Medium Severity
  • SRG-APP-000108-AS-000067

    Group
  • Oracle WebLogic must provide a real-time alert when organization-defined audit failure events occur.

    It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Audit processing failures include software/hardware errors, failures in...
    Rule Low Severity
  • SRG-APP-000108-AS-000067

    Group
  • Oracle WebLogic must alert designated individual organizational officials in the event of an audit processing failure.

    Audit processing failures include, but are not limited to, failures in the application server log capturing mechanisms or audit storage capacity being reached or exceeded. In some instances, it is...
    Rule Low Severity
  • SRG-APP-000108-AS-000067

    Group
  • Oracle WebLogic must notify administrative personnel as a group in the event of audit processing failure.

    Audit processing failures include software/hardware errors, failures in the audit capturing mechanisms, and audit storage capacity being reached or exceeded. To ensure flexibility and ease of use,...
    Rule Low Severity
  • SRG-APP-000116-AS-000076

    Group
  • Oracle WebLogic must use internal system clocks to generate time stamps for audit records.

    Without the use of an approved and synchronized time source, configured on the systems, events cannot be accurately correlated and analyzed to determine what is transpiring within the application s...
    Rule Low Severity
  • SRG-APP-000372-AS-000212

    Group
  • Oracle WebLogic must synchronize with internal information system clocks which, in turn, are synchronized on an organization-defined frequency with an organization-defined authoritative time source.

    Determining the correct time a particular application event occurred on a system is critical when conducting forensic analysis and investigating system events. Synchronization of system clocks is...
    Rule Low Severity
  • SRG-APP-000118-AS-000078

    Group
  • Oracle WebLogic must protect audit information from any type of unauthorized read access.

    If audit data were to become compromised, then competent forensic analysis and discovery of the true source of potentially malicious system activity is difficult, if not impossible, to achieve. In ...
    Rule Low Severity
  • SRG-APP-000121-AS-000081

    Group
  • Oracle WebLogic must protect audit tools from unauthorized access.

    Protecting audit data also includes identifying and protecting the tools used to view and manipulate log data. Depending upon the log format and application, system and application log tools may ...
    Rule Medium Severity
