Performance monitoring (ACL) (instance security hardening)
Use the glide.security.diag_txns_acl property to control access to stats.do, threads.do, thread_pool_stats.do, and replication.do from an unauthenticated connection.
When you set the glide.security.diag_txns_acl property to true, only the administrator account can access the following pages:
- https://<instancename>.servicenow.com/stats.do
- https://<instancename>.servicenow.com/threads.do
- https://<instancename>.servicenow.com/replication.do
- https://<instancename>.servicenow.com/thread_pool_stats.do
More information
| Attribute | Description |
|---|---|
| Property name | glide.security.diag_txns_acl |
| Configuration type | System Properties (/sys_properties_list.do) |
| Configure in Instance Security Center | Yes |
| Purpose | Restrict access to the configuration pages to the administrator account only |
| Recommended value | true |
| Functional Impact | This remediation ensures that only the administrator account can access the application's sensitive data for logging and troubleshooting purposes. |
| Security risk | (Low) Sensitive data such as server details, threads, and processes executed on the server should never be visible or accessible to the end user without appropriate privileges. |
To learn more about adding or creating a system property, see Add a system property.
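To verify the setting on your own instance, the following added example (not ServiceNow code) compares the stored property value with what an unauthenticated client actually receives from the four pages. It assumes the JSON body was fetched separately, with administrator credentials, from the Table API at `/api/now/table/sys_properties?sysparm_query=name=glide.security.diag_txns_acl&sysparm_fields=name,value`; the function names and the rule that a plain 200 means the page was served are assumptions of this example.

```python
import json
import urllib.error
import urllib.request

PROPERTY = "glide.security.diag_txns_acl"
DIAG_PAGES = ("stats.do", "threads.do", "replication.do", "thread_pool_stats.do")

class _NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, *args, **kwargs):
        return None  # report a 3xx as-is instead of following it to a login page

def probe(url, timeout=10):
    """Request url with no cookies or credentials; return the HTTP status code."""
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        with opener.open(url, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code

def property_state(table_api_body):
    """Interpret a Table API response holding the sys_properties row for PROPERTY."""
    rows = json.loads(table_api_body).get("result", [])
    values = [r.get("value", "") for r in rows if r.get("name") == PROPERTY]
    if not values:
        return "missing"  # the property was never added to the instance
    return "true" if values[0].strip().lower() == "true" else "not true"

def audit(instance, table_api_body, fetch=probe):
    """Compare the configured value with what an unauthenticated client gets."""
    state = property_state(table_api_body)
    findings = []
    for page in DIAG_PAGES:
        url = f"https://{instance}.servicenow.com/{page}"
        status = fetch(url)
        # Assumption: a plain 200 to an unauthenticated request means the page was served.
        if status == 200:
            findings.append((url, f"answered 200 unauthenticated; property is {state}"))
    return state, findings

# Constructed sample: Table API body for an instance where the property was never added.
SAMPLE_BODY = '{"result": []}'
```

Call `audit("<instancename>", body)` from a host that holds no session for the instance; a finding reported while the property state is `true` means the stored value and the observed behaviour disagree and should be investigated.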