UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Automated notification of suspicious activity detected in the audit trail should be implemented.


Overview

Finding ID Version Rule ID IA Controls Severity
V-15102 DG0083-SQLServer9 SV-24234r1_rule ECRG-1 Medium
Description
Audit record collection may quickly overwhelm storage resources and an auditor's ability to review it in a productive manner. Automated tools can provide the means to manage the audit data collected as well as present it to an auditor in an efficient way.
STIG Date
Microsoft SQL Server 2005 Instance Security Technical Implementation Guide 2015-04-03

Details

Check Text ( C-17014r1_chk )
Review automated tool usage for reporting of audit trail data.

If automated tools are not used, this is a Finding.

Automated DBMS jobs and/or procedures may be used to produce the periodic reports where supported by the DBMS.
Fix Text (F-24522r1_fix)
Develop, document and implement database or host system procedures to report audit trail data in a form usable to detect unauthorized access to or usage of DBMS privileges, procedures or data.