JBoss log records must be off-loaded onto a different system or system component a minimum of every seven days.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-213516	JBOS-AS-000195	SV-213516r960948_rule		Medium

Description

JBoss logs by default are written to the local file system. A centralized logging solution like syslog should be used whenever possible; however, any log data stored to the file system needs to be off-loaded. JBoss EAP does not provide an automated backup capability. Instead, reliance is placed on OS or third-party tools to back up or off-load the log files. Protection of log data includes assuring log data is not accidentally lost or deleted. Off-loading log records to a different system or onto separate media from the system the application server is actually running on helps to assure that, in the event of a catastrophic system failure, the log records will be retained.

STIG	Date
JBoss Enterprise Application Platform 6.3 Security Technical Implementation Guide	2025-02-20

Details

Check Text (C-14739r296214_chk)

Interview the system admin and obtain details on how the log files are being off-loaded to a different system or media.

If the log files are not off-loaded a minimum of every 7 days, this is a finding.

Fix Text (F-14737r296215_fix)

Configure the application server to off-load log records every seven days onto a different system or media from the system being logged.