STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to VMware vRealize Operations Manager 6.x tc Server Security Technical Implementation Guide

V-241702

CAT II (Medium)

tc Server ALL log files must be moved to a permanent repository in accordance with site policy.

Rule ID

SV-241702r879731_rule

STIG

VMware vRealize Operations Manager 6.x tc Server Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-001851

Discussion

A web server will typically utilize logging mechanisms for maintaining a historical log of activity that occurs within a hosted application. This information can then be used for diagnostic purposes, forensics purposes, or other purposes relevant to ensuring the availability and integrity of the hosted application. Log files must be periodically moved from the web server to a permanent storage location. This serves two beneficial purposes. First, the web server's resources are freed up for productions. Also, this ensures that the site has, and enforces, policies designed to preserve the integrity of historical logs.

Check Content

Obtain supporting documentation from the ISSO.

Review the site policy for moving log files from the web server to a permanent repository. Ensure that log files are being moved from the web server in accordance with the site policy.

If the site does not have a policy for periodically moving log files to an archive repository or such policy is not being enforced, this is a finding.

Fix Text

Develop and enforce a site policy for moving log files periodically from the web server to a permanent repository in accordance with site retention policies.