Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Audit trail data should be reviewed daily or more frequently.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-3827 | DG0095-SQLServer9 | SV-24250r1_rule | ECAT-1 | Medium |
| Description |
|---|
| Review of audit trail data provides a means for detection of unauthorized access or attempted access. Frequent and regularly scheduled reviews ensures that such access is discovered in a timely manner. |
| STIG | Date |
|---|---|
| Microsoft SQL Server 2005 Instance Security Technical Implementation Guide | 2015-06-16 |
Details
| Check Text ( C-23452r1_chk ) |
|---|
| Review policy, procedures and implementation evidence for daily audit trail monitoring. For SQL Server, the audit trail data is found in audit traces, the system error logs (ERRORLOG.*) files, and the system and application event logs. If the policy, procedures and evidence are not present or complete, this is a Finding. |
| Fix Text (F-19759r1_fix) |
|---|
| Develop, document and implement policy and procedures to monitor audit trail data daily. |