Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-58107 | SRG-APP-000503-DB-000350 | SV-72537r1_rule | Medium |
Description |
---|
For completeness of forensic analysis, it is necessary to track who/what (a user or other principal) logs on to the DBMS. |
STIG | Date |
---|---|
Database Security Requirements Guide | 2016-11-16 |
Check Text ( C-58877r1_chk ) |
---|
Review the DBMS audit settings. If an audit record is not generated each time a user (or other principal) logs on or connects to the DBMS, this is a finding. |
Fix Text (F-63315r1_fix) |
---|
Configure DBMS audit settings to generate an audit record each time a user (or other principal) logs on or connects to the DBMS. Ensure that the audit record contains the time of the event, the user ID, and session identifier. |