Specify file handler in logging.properties files – check if org.apache.juli.FileHandler exists in web application

Details

Handlers specify where log messages are sent. Console handlers send log messages to the Java console and File handlers specify logging to a file.

Rationale:

Utilizing file handlers will ensure that security event information is persisted to disk.

Solution

Add the following entries to your logging.properties file if they do not exist.

handlers=…,org.apache.juli.FileHandler,…

Ensure logging is not off and set the logging level to the desired level such as:

org.apache.juli.FileHandler.level=FINEST

Default Value:

No value for new applications by default.

References:

https://tomcat.apache.org/tomcat-8.0-doc/logging.html

Supportive Information

The following resource is also helpful.

https://workbench.cisecurity.org/files/2506

This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability.This control applies to the following type of system Unix.

References

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles