TIM Apache Security Finding

book

Article ID: 131503

calendar_today

Updated On:

Products

CA Application Performance Management Agent (APM / Wily / Introscope) INTROSCOPE

Issue/Introduction



We have a manual finding on the TIM for Apache in regards to embedded tools.  They are requiring reconfiguring the tool to provide logs from Apache to the syslog.  It is our impression that we are not allowed to make those configuration changes therefore I need something from the vendor telling me that.

Environment

Release:
Component: APMISP

Resolution

Since APM 9.6, you are free to make whatever OS and third-party tool configuration changes you need to for securing your environment. This includes changing Apache log location. You are free to contact APM Support after making these changes.  



All we ask is that you test first to make sure the proposed change does not impact existing TIM functionality. In this particular case, the change on logging should not present a problem.