The EDB Postgres Advanced Server must generate audit records when successful logons or connections occur.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-69059 | PPS9-00-011800 | SV-83663r1_rule | Medium |
| Description |
|---|
| For completeness of forensic analysis, it is necessary to track who/what (a user or other principal) logs on to the DBMS. |
| STIG | Date |
|---|---|
| EDB Postgres Advanced Server Security Technical Implementation Guide | 2016-08-19 |
Details
| Check Text ( C-69533r1_chk ) |
|---|
| Execute the following SQL as enterprisedb: SHOW edb_audit_connect; If the result is not "all", this is a finding. |
| Fix Text (F-75245r1_fix) |
|---|
| Execute the following SQL as enterprisedb: ALTER SYSTEM SET edb_audit_connect = 'all'; ALTER SYSTEM SET edb_audit_disconnect = 'all'; SELECT pg_reload_conf(); |