Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-69059 | PPS9-00-011800 | SV-83663r2_rule | Medium |
Description |
---|
For completeness of forensic analysis, it is necessary to track who/what (a user or other principal) logs on to the DBMS. |
STIG | Date |
---|---|
EDB Postgres Advanced Server Security Technical Implementation Guide | 2019-09-26 |
Check Text ( C-69533r3_chk ) |
---|
Execute the following SQL as enterprisedb: SHOW edb_audit_connect; If the result is not "all" or if the current setting for this requirement has not been noted and approved by the organization in the system documentation, this is a finding. |
Fix Text (F-75245r3_fix) |
---|
Execute the following SQL as enterprisedb: SHOW edb_audit_connect; If the result is not "all" or if the current setting for this requirement has not been noted and approved by the organization in the system documentation, this is a finding. Fix Text: Execute the following SQL as enterprisedb: ALTER SYSTEM SET edb_audit_connect = 'all'; ALTER SYSTEM SET edb_audit_disconnect = 'all'; SELECT pg_reload_conf(); or Update the system documentation to note the organizationally approved setting and corresponding justification of the setting for this requirement. |