Details

If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis across multiple devices and log records.

Time stamps generated by the Apache web server include date and time. Time is commonly expressed in UTC, a modern continuation of GMT, or local time with an offset from UTC.

Without sufficient granularity of time stamps, it is not possible to adequately determine the chronological order of records.

Time stamps generated by the Apache web server include date and time and must be to a granularity of one second.

Satisfies: SRG-APP-000374-WSR-000172, SRG-APP-000375-WSR-000171

Solution

In a command line, run ‘httpd -M’ to view a list of installed modules.

If ‘log_config_module’ is not listed, enable this module.

Review the ‘httpd.conf’ file.

Determine if the ‘LogFormat’ directive exists. If it does not exist, ensure the ‘LogFormat’ line contains the %t flag.

Supportive Information

The following resource is also helpful.

• https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Apache_Server_2-4_UNIX_Y22M01_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability.This control applies to the following type of system Unix.

References

• 800-53|AU-8b.
• CAT|II
• CCI|CCI-001889
• CCI|CCI-001890
• Rule-ID|SV-214265r612240_rule
• STIG-ID|AS24-U1-000750
• STIG-Legacy|SV-102811
• STIG-Legacy|V-92723
• Vuln-ID|V-214265

Source

• Tenable.com/audits