{"description": "<tt>LogFormat</tt> should be enabled and set to the following in\n<tt>/etc/httpd/conf/httpd.conf</tt>:\n<pre>LogFormat \"a %A %h %H %l %m %s %t %u %U \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\"\" combined</pre>", "rationale": "The server error logs are invaluable because they can also be used to identify\npotential problems and enable proactive remediation. Log data can reveal\nanomalous behavior such as \"not found\" or \"unauthorized\" errors that may\nbe an evidence of attack attempts. Failure to enable error logging can\nsignificantly reduce the ability of Web Administrators to detect or remediate\nproblems. The LogFormat directive defines the format and information to be\nincluded in the access log entries.", "severity": "medium", "references": {}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "it is not", "ocil": "To verify if <tt>LogFormat</tt> is configured correctly in\n<tt>/etc/httpd/conf/httpd.conf</tt>, run the following command:\n<pre>$ grep -i logformat /etc/httpd/conf/httpd.conf</pre>\nThe output should contain the following:\n<pre>LogFormat \"a %A %h %H %l %m %s %t %u %U \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\"\" combined</pre>", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": [], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Configure Error Log Format", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/http/securing_httpd/httpd_configure_log_format/rule.yml", "template": null}