I - Mission Critical Public
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000108-AS-000067
<GroupDescription></GroupDescription>Group -
Oracle WebLogic must notify administrative personnel as a group in the event of audit processing failure.
<VulnDiscussion> Audit processing failures include software/hardware errors, failures in the audit capturing mechanisms, and audit storage ca...Rule Low Severity -
SRG-APP-000116-AS-000076
<GroupDescription></GroupDescription>Group -
Oracle WebLogic must use internal system clocks to generate time stamps for audit records.
<VulnDiscussion>Without the use of an approved and synchronized time source, configured on the systems, events cannot be accurately correlate...Rule Low Severity -
SRG-APP-000372-AS-000212
<GroupDescription></GroupDescription>Group -
Oracle WebLogic must synchronize with internal information system clocks which, in turn, are synchronized on an organization-defined frequency with an organization-defined authoritative time source.
<VulnDiscussion>Determining the correct time a particular application event occurred on a system is critical when conducting forensic analysi...Rule Low Severity -
SRG-APP-000118-AS-000078
<GroupDescription></GroupDescription>Group -
Oracle WebLogic must protect audit information from any type of unauthorized read access.
<VulnDiscussion>If audit data were to become compromised, then competent forensic analysis and discovery of the true source of potentially ma...Rule Low Severity -
SRG-APP-000121-AS-000081
<GroupDescription></GroupDescription>Group -
Oracle WebLogic must protect audit tools from unauthorized access.
<VulnDiscussion>Protecting audit data also includes identifying and protecting the tools used to view and manipulate log data. Depending up...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.