JBoss must be configured to initiate session logging upon startup.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-213505 | JBOS-AS-000095 | SV-213505r960888_rule | CCI-001464 | medium |
| Description | ||||
| Session logging activities are developed, integrated, and used in consultation with legal counsel in accordance with applicable federal laws, Executive Orders, directives, policies, or regulations. | ||||
| STIG | Date | |||
| JBoss Enterprise Application Platform 6.3 Security Technical Implementation Guide | 2025-02-20 | |||
Details
Check Text (C-213505r960888_chk)
Log on to the OS of the JBoss server with OS permissions that allow access to JBoss.
Using the relevant OS commands and syntax, cd to the <JBOSS_HOME>/bin/ folder.
Run the jboss-cli script to start the Command Line Interface (CLI).
Connect to the server and authenticate.
Run the command:
For a Managed Domain configuration:
"ls host=master/server=<SERVERNAME>/core-service=management/access=audit/logger=audit-log:write-attribute(name=enabled,value=true)"
For a Standalone configuration:
"ls /core-service=management/access=audit/logger=audit-log:write-attribute(name=enabled,value=true)"
If "enabled" = false, this is a finding.
Fix Text (F-14726r296182_fix)
Launch the jboss-cli management interface.
Connect to the server by typing "connect", authenticate as a user in the Superuser role and run the following command:
For a Managed Domain configuration:
"host=master/server/<SERVERNAME>/core-service=management/access=audit/logger=audit-log:write-attribute(name=enabled,value=true)"
For a Standalone configuration:
"/core-service=management/access=audit/logger=audit-log:write-attribute(name=enabled,value=true)"