The DBMS must have its auditing configured to reduce the likelihood of storage capacity being exceeded.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-32255 | SRG-APP-000071-DB-000047 | SV-42572r1_rule | Medium |
| Description |
|---|
| Applications need to be cognizant of potential audit log storage capacity issues. During the installation and/or configuration process, applications should detect and determine if adequate storage capacity has been allocated for audit logs. During the installation process, a notification may be provided to the installer indicating, based on the auditing configuration chosen and the amount of storage space allocated for audit logs, the amount of storage capacity available is not sufficient enough to meet storage requirements. Logging must be configured appropriately. If the logs generated outstrip the amount of space reserved for those logs the system may shut down or take other measures to stop processing in order to protect transactions from continuing unlogged. |
| STIG | Date |
|---|---|
| Database Security Requirements Guide | 2012-07-02 |
Details
| Check Text ( C-40764r1_chk ) |
|---|
| Review the DBMS settings to determine whether logging is configured to produce logs consistent with the amount of space allocated for logging. If auditing will generate excessive logs it may outgrow the space reserved for logging, this is a finding. |
| Fix Text (F-36179r1_fix) |
|---|
| Configure auditing to generate audit logs that will stay within the amount of logs the system was sized to support. |