7.5 Ensure pattern in context.xml is correct

Information

The pattern setting informs Tomcat what information should be logged. At a minimum, enough information to uniquely identify a request, what was requested, where the requested originated from, and when the request occurred should be logged.

Solution

Add the following statement into the $CATALINA_BASEwebapps<app-name>META-INFcontext.xml file if it does not already exist.
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="$CATALINA_HOME/logs/" prefix="access_log" fileDateFormat="yyyy-MM-dd.HH" suffix=".log" pattern="%h %t %H cookie:%{SESSIONID}c request:%{SESSIONID}r %m %U %s %q %r" />

See Also

https://workbench.cisecurity.org/files/266

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-12c.

Plugin: Unix

Control ID: 6e3f4d4b28089e483c7b1e6cd7954fbb30642eb0d11b45e3f14140ce2fe10e8e