UCF STIG Viewer Logo

The DBMS must generate audit records when successful logons or connections occur.


Overview

Finding ID Version Rule ID IA Controls Severity
V-58107 SRG-APP-000503-DB-000350 SV-72537r1_rule Medium
Description
For completeness of forensic analysis, it is necessary to track who/what (a user or other principal) logs on to the DBMS.
STIG Date
Database Security Requirements Guide 2017-11-30

Details

Check Text ( C-58877r1_chk )
Review the DBMS audit settings. If an audit record is not generated each time a user (or other principal) logs on or connects to the DBMS, this is a finding.
Fix Text (F-63315r1_fix)
Configure DBMS audit settings to generate an audit record each time a user (or other principal) logs on or connects to the DBMS. Ensure that the audit record contains the time of the event, the user ID, and session identifier.