The EDB Postgres Advanced Server must provide the capability for authorized users to capture, record, and log all content related to a user session.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-68893	PPS9-00-001500	SV-83497r1_rule		Medium

Description
Without the capability to capture, record, and log all content related to a user session, investigations into suspicious user activity would be hampered. Typically, this DBMS capability would be used in conjunction with comparable monitoring of a user's online session, involving other software components such as operating systems, web servers and front-end user applications. The current requirement, however, deals specifically with the DBMS.

Description

Without the capability to capture, record, and log all content related to a user session, investigations into suspicious user activity would be hampered. Typically, this DBMS capability would be used in conjunction with comparable monitoring of a user's online session, involving other software components such as operating systems, web servers and front-end user applications. The current requirement, however, deals specifically with the DBMS.

STIG	Date
EDB Postgres Advanced Server Security Technical Implementation Guide	2016-08-19

Details

Check Text ( C-69363r1_chk )
Execute the following SQL as enterprisedb: SHOW edb_audit_statement; If the result is not "all", this is a finding.

Fix Text (F-75075r1_fix)
Execute the following SQL as enterprisedb: ALTER SYSTEM SET edb_audit_statement = 'all'; SELECT pg_reload_conf();