Details
To make certain that the logging mechanism used by the web server has sufficient storage capacity in which to write the logs, the logging mechanism needs to be able to allocate log record storage capacity.
The task of allocating log record storage capacity is usually performed during initial installation of the logging mechanism. The System Administrator will usually coordinate the allocation of physical drive space with the Web Server Administrator along with the physical location of the partition and disk. Refer to NIST SP 800-92 for specific requirements on log rotation and storage dependent on the impact of the web server.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Work with the SIEM administrator to determine if the SIEM is configured to allocate log record storage capacity large enough to accommodate the logging requirements of the Apache web server.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability.This control applies to the following type of system Unix.
References
- 800-53|AU-4
- CAT|II
- CCI|CCI-001849
- Rule-ID|SV-214262r612240_rule
- STIG-ID|AS24-U1-000710
- STIG-Legacy|SV-102803
- STIG-Legacy|V-92715
- Vuln-ID|V-214262