Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Automated notification of suspicious activity detected in the audit trail should be implemented.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15102 | DG0083-SQLServer9 | SV-24234r1_rule | ECRG-1 | Medium |
| Description |
|---|
| Audit record collection may quickly overwhelm storage resources and an auditor's ability to review it in a productive manner. Automated tools can provide the means to manage the audit data collected as well as present it to an auditor in an efficient way. |
| STIG | Date |
|---|---|
| Microsoft SQL Server 2005 Instance Security Technical Implementation Guide | 2015-06-16 |
Details
| Check Text ( C-17014r1_chk ) |
|---|
| Review automated tool usage for reporting of audit trail data. If automated tools are not used, this is a Finding. Automated DBMS jobs and/or procedures may be used to produce the periodic reports where supported by the DBMS. |
| Fix Text (F-24522r1_fix) |
|---|
| Develop, document and implement database or host system procedures to report audit trail data in a form usable to detect unauthorized access to or usage of DBMS privileges, procedures or data. |