The Automation Controller must generate the appropriate log records.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-256943 | APWS-AT-000090 | SV-256943r903546_rule | Medium |
| Description |
|---|
| Automation Controller's web server must log all details related to user sessions in support of troubleshooting, debugging, and forensic analysis. Without a data logging feature, the organization loses an important auditing and analysis tool for event investigations. Satisfies: SRG-APP-000016-WSR-000005, SRG-APP-000095-WSR-000056, SRG-APP-000096-WSR-000057, SRG-APP-000097-WSR-000058, SRG-APP-000098-WSR-000059, SRG-APP-000098-WSR-000060, SRG-APP-000099-WSR-000061, SRG-APP-000100-WSR-000064 |
| STIG | Date |
|---|---|
| Red Hat Ansible Automation Controller Web Server Security Technical Implementation Guide | 2023-03-15 |
Details
| Check Text ( C-60618r902341_chk ) |
|---|
| For each Automation Controller host, determine whether the web server is logging all content related to user sessions. Log in to Automation Controller as an administrator and navigate to console Settings >> System >> Miscellaneous System. Verify the following settings: Enable Activity Stream = On Enable Activity Stream for Inventory Sync = On Organization Admins Can Manage Users and Teams = On All Users Visible to Organization Admins = On If the configuration settings are not as above, this is a finding. |
| Fix Text (F-60560r903520_fix) |
|---|
| As a System Administrator, for each Automation Controller host, navigate to console Settings >> System >> Miscellaneous System. Click "Edit". Set the following: Enable Activity Stream = On Enable Activity Stream for Inventory Sync = On Organization Admins Can Manage Users and Teams = On All Users Visible to Organization Admins = On Click "Save". |