VCRP-67-000009 – The rhttpproxy log files must be moved to a permanent repository in accordance with site policy.

Details

The rhttpproxy produces a handful of logs that must be offloaded from the originating system. This information can then be used for diagnostic, forensic, or other purposes relevant to ensuring the availability and integrity of the hosted application.

Solution

Navigate to and open /etc/vmware-syslog/stig-services-rhttpproxy.conf.

Create the file if it does not exist.

Set the contents of the file as follows:

input(type=’imfile’
File=’/var/log/vmware/rhttpproxy/rhttpproxy.log’
Tag=’rhttpproxy-main’
Severity=’info’
Facility=’local0′)

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_vSphere_6-7_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability.This control applies to the following type of system Unix.

References

800-53|AU-4(1)
CAT|II
CCI|CCI-001851
Rule-ID|SV-240724r679685_rule
STIG-ID|VCRP-67-000009
Vuln-ID|V-240724

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles