The application server must initiate session logging upon startup.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-204720	SRG-APP-000092-AS-000053	SV-204720r960888_rule		Medium

Description

Session logging activities are developed, integrated, and used in consultation with legal counsel in accordance with applicable federal laws, Executive Orders, directives, policies, or regulations.

STIG	Date
Application Server Security Requirements Guide	2025-02-11

Details

Check Text (C-4840r282807_chk)

Review the application server product documentation and server configuration to determine if the application server initiates session logging on application server startup.

If the application server is not configured to meet this requirement, this is a finding.

Fix Text (F-4840r282808_fix)

Configure the application server to initiate session logging on application server startup.