Specify file handler in logging.properties files – check if java.util.logging.ConsoleHandler logging is enabled in default

Details

Handlers specify where log messages are sent. Console handlers send log messages to the Java console and File handlers specify logging to a file.

Rationale:

Utilizing file handlers will ensure that security event information is persisted to disk.

Solution

Add the following entries to your logging.properties file if they do not exist.

handlers=…,org.apache.juli.FileHandler,…

Ensure logging is not off and set the logging level to the desired level such as:

org.apache.juli.FileHandler.level=FINEST

Default Value:

No value for new applications by default.

References:

https://tomcat.apache.org/tomcat-8.0-doc/logging.html

Supportive Information

The following resource is also helpful.

https://workbench.cisecurity.org/files/2506

This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability.This control applies to the following type of system Unix.

References

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles