Performance Charts must properly configure log sizes and rotation.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-256639 | VCPF-70-000029 | SV-256639r888408_rule | CCI-001849 | medium |
| Description | ||||
| To ensure the logging mechanism used by the web server has sufficient storage capacity in which to write the logs, the logging mechanism must be able to allocate log record storage capacity. Performance Charts properly sizes and configures log rotation during installation. This default configuration must be verified. | ||||
| STIG | Date | |||
| VMware vSphere 7.0 vCenter Appliance Perfcharts Security Technical Implementation Guide | 2023-02-21 | |||
Details
Check Text (C-256639r888408_chk)
At the command prompt, run the following command:
# rpm -V VMware-perfcharts|grep log4j|grep "^..5......"
If the command returns any output, this is a finding.
Fix Text (F-60257r888407_fix)
Navigate to and open:
/etc/vmware-perfcharts/log4j.properties
Ensure the appender.rolling entries are configured as follows:
appender.rolling.type = RollingFile
appender.rolling.name = FileLog
appender.rolling.fileName = /var/log/vmware/perfcharts/stats.log
appender.rolling.filePattern = /var/log/vmware/perfcharts/stats-%i.log
appender.rolling.policies.type = Policies
appender.rolling.policies.size.type = SizeBasedTriggeringPolicy
appender.rolling.policies.size.size = 5MB
appender.rolling.strategy.type = DefaultRolloverStrategy
appender.rolling.strategy.max = 10
appender.rolling.layout.type = PatternLayout
appender.rolling.layout.pattern = %d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX} [%t %-5p %c] %m%n
appender.rolling.level = info
Note: This fix is currently only applicable to 7.0 U2+ and is different in older versions.