ColdFusion must allocate log record storage capacity.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
low	V-279076	SRG-APP-000357-AS-000038	APAS-CF-000610	SV-279076r1172835_rule	2025-12-19	1

Description
Proper management of log records not only dictates proper archiving processes and procedures be established, but it also requires allocating enough storage space to maintain the logs online for a defined period of time. If adequate online log storage capacity is not maintained, intrusion monitoring, security investigations, and forensic analysis can be negatively affected. It is important to keep a defined amount of logs online and readily available for investigative purposes. The logs may be stored on ColdFusion until they can be archived to a log system or, in some instances, a Storage Area Network (SAN). Regardless of the method used, log record storage capacity must be sufficient to store log data when the data cannot be off-loaded to a log system or a SAN. ColdFusion handles logs by allowing the administrator to specify a log file size and how many archives to keep online. This allows the administrator to correctly size the storage needed to meet the requirements of the organization for how log audit files should be available online and configure the storage needed to meet the requirement before off-loading archives to offline storage.

Description

Proper management of log records not only dictates proper archiving processes and procedures be established, but it also requires allocating enough storage space to maintain the logs online for a defined period of time. If adequate online log storage capacity is not maintained, intrusion monitoring, security investigations, and forensic analysis can be negatively affected. It is important to keep a defined amount of logs online and readily available for investigative purposes. The logs may be stored on ColdFusion until they can be archived to a log system or, in some instances, a Storage Area Network (SAN). Regardless of the method used, log record storage capacity must be sufficient to store log data when the data cannot be off-loaded to a log system or a SAN. ColdFusion handles logs by allowing the administrator to specify a log file size and how many archives to keep online. This allows the administrator to correctly size the storage needed to meet the requirements of the organization for how log audit files should be available online and configure the storage needed to meet the requirement before off-loading archives to offline storage.

ℹ️ Check
Review the ColdFusion log configuration to verify sufficient storage is allocated for log records and that log data will not exceed available space. 1. From the ColdFusion Admin Console landing screen, navigate to Debugging & Logging >> Logging Settings. 2. Locate the following settings: - Log directory: Note the location where logs are written. - Maximum number of archives: Note the value configured. - Maximum file size (in kilobytes): Note the value configured. 3. Next, navigate to Debugging & Logging >> Log Files. 4. Count the number of log files currently present. 5. Calculate the total potential storage consumption using the following formula: (Maximum number of archives) × (Maximum file size in KB) × (Number of log files) 6. Compare this value to the total available space on the storage volume where the log directory resides. If the calculated potential log storage exceeds the available storage for the log directory, this is a finding.

ℹ️ Check

Review the ColdFusion log configuration to verify sufficient storage is allocated for log records and that log data will not exceed available space. 1. From the ColdFusion Admin Console landing screen, navigate to Debugging & Logging >> Logging Settings. 2. Locate the following settings: - Log directory: Note the location where logs are written. - Maximum number of archives: Note the value configured. - Maximum file size (in kilobytes): Note the value configured. 3. Next, navigate to Debugging & Logging >> Log Files. 4. Count the number of log files currently present. 5. Calculate the total potential storage consumption using the following formula: (Maximum number of archives) × (Maximum file size in KB) × (Number of log files) 6. Compare this value to the total available space on the storage volume where the log directory resides. If the calculated potential log storage exceeds the available storage for the log directory, this is a finding.

✔️ Fix
Configure ColdFusion to allocate log record storage capacity that does not exceed the available space on the log directory's storage volume. 1. From the ColdFusion Admin Console landing screen, navigate to Debugging & Logging >> Logging Settings. 2. Review and adjust the following settings: - Maximum number of archives. - Maximum file size (in kilobytes). 3. Ensure the calculated total log storage remains within the available storage space of the log directory. 4. Optionally, relocate the log directory to a volume with greater capacity if needed. 5. Save changes and monitor log growth over time to verify compliance.

✔️ Fix

Configure ColdFusion to allocate log record storage capacity that does not exceed the available space on the log directory's storage volume. 1. From the ColdFusion Admin Console landing screen, navigate to Debugging & Logging >> Logging Settings. 2. Review and adjust the following settings: - Maximum number of archives. - Maximum file size (in kilobytes). 3. Ensure the calculated total log storage remains within the available storage space of the log directory. 4. Optionally, relocate the log directory to a volume with greater capacity if needed. 5. Save changes and monitor log growth over time to verify compliance.