Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The DBMS must generate audit records when successful logons or connections occur.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-58107 | SRG-APP-000503-DB-000350 | SV-72537r1_rule | Medium |
| Description |
|---|
| For completeness of forensic analysis, it is necessary to track who/what (a user or other principal) logs on to the DBMS. |
| STIG | Date |
|---|---|
| Database Security Requirements Guide | 2020-03-06 |
Details
| Check Text ( C-58877r1_chk ) |
|---|
| Review the DBMS audit settings. If an audit record is not generated each time a user (or other principal) logs on or connects to the DBMS, this is a finding. |
| Fix Text (F-63315r1_fix) |
|---|
| Configure DBMS audit settings to generate an audit record each time a user (or other principal) logs on or connects to the DBMS. Ensure that the audit record contains the time of the event, the user ID, and session identifier. |