Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-68893 | PPS9-00-001500 | SV-83497r2_rule | Medium |
Description |
---|
Without the capability to capture, record, and log all content related to a user session, investigations into suspicious user activity would be hampered. Typically, this DBMS capability would be used in conjunction with comparable monitoring of a user's online session, involving other software components such as operating systems, web servers and front-end user applications. The current requirement, however, deals specifically with the DBMS. |
STIG | Date |
---|---|
EDB Postgres Advanced Server Security Technical Implementation Guide | 2017-02-28 |
Check Text ( C-69363r2_chk ) |
---|
Execute the following SQL as enterprisedb: SHOW edb_audit_statement; If the result is not "all" or if the current setting for this requirement has not been noted and approved by the organization in the system documentation, this is a finding. |
Fix Text (F-75075r2_fix) |
---|
Execute the following SQL as enterprisedb: ALTER SYSTEM SET edb_audit_statement = 'all'; SELECT pg_reload_conf(); or Update the system documentation to note the organizationally approved setting and corresponding justification of the setting for this requirement. |