2.24 Ensure Security Audit Provider is enabled - 'Audit Provider = true'

Information

The Security Audit Provider category must be enabled for production environments. The Security Audit Appender and the Security Audit Provider category together set up the audit infrastructure that allows deployed applications to easily audit authentication and authorization events.

Solution

Ensure the Security Audit Provider category is defined within JBOSS_HOME/server/@[email protected]/conf/jboss-log4j.xml. By default, the Security Audit Provider category exists and just needs to be uncommented.

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-12, CAT|II

Plugin: Unix

Control ID: 05a9bd3af652804d0a8278b3739f9666eb687fdb4d5731900472971900785a6f