Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-15646 | DG0145-ORACLE10 | SV-24971r1_rule | ECAR-1 ECAR-2 ECAR-3 | Medium |
Description |
---|
Complete forensically valuable data may be unavailable or accountability may be jeopardized when audit records do not contain sufficient information. |
STIG | Date |
---|---|
Oracle 10 Database Instance STIG | 2014-01-14 |
Check Text ( C-1716r1_chk ) |
---|
Review samples of the DBMS audit logs. Compare to the required elements listed below: - User ID. - Successful and unsuccessful attempts to access security files - Date and time of the event. - Type of event. If the elements listed above are not included in the audit logs at at minimum, this is a Finding. |
Fix Text (F-18329r1_fix) |
---|
Configure audit settings to include the following list of elements in the audit logs at a minimum: - User ID. - Successful and unsuccessful attempts to access security files - Date and time of the event. - Type of event. |