Skip Navigation

IISW-SI-000209: Sufficient website log records to establish identity

The IIS 8.5 website must produce log records containing sufficient information to establish the identity of any user, subject, or process associated with an event.
To check compliance with IISW-SI-000209, complete the following steps on each site hosted on the IIS 8.5 web server:
  1. Open the IIS 8.5 web server IIS 8.5 Manager.
  2. Under
    IIS
    , double-click the
    Logging
    icon.
  3. Under
    Log File
    , verify that the
    Format:
    field is configured to
    W3C
    .
  4. Click
    Fields
    .
  5. Under
    Standard Fields
    , verify that the
    User Agent
    ,
    User Name
    , and
    Referrer
    fields are selected.
  6. Under
    Custom Fields
    , verify that the following fields are selected:
    • Server Variable >> HTTP_USER_AGENT
    • Request Header >> User-Agent
    • Request Header >> Authorization
    • Response Header >> Content-Type
If any of the above fields are not selected, your application is not compliant.
If your application is not compliant, complete the following steps on each site hosted on the IIS 8.5 web server:
  1. Open the IIS 8.5 web server IIS 8.5 Manager.
  2. Under
    IIS
    , double-click the
    Logging
    icon.
  3. Under
    Log File
    , set the
    Format:
    field to
    W3C
    .
  4. Click
    Fields
    .
  5. Under
    Standard Fields
    , select the
    User Agent
    ,
    User Name
    , and
    Referrer
    fields.
  6. Under
    Custom Fields
    , select the following fields:
    • Server Variable >> HTTP_USER_AGENT
    • Request Header >> User-Agent
    • Request Header >> Authorization
    • Response Header >> Content-Type
  7. Click
    OK
    .
  8. In the
    Actions
    pane, click
    Apply
    .