UCF STIG Viewer Logo

Audit records should contain required information.


Overview

Finding ID Version Rule ID IA Controls Severity
V-15646 DG0145-ORACLE10 SV-24971r1_rule ECAR-1 ECAR-2 ECAR-3 Medium
Description
Complete forensically valuable data may be unavailable or accountability may be jeopardized when audit records do not contain sufficient information.
STIG Date
Oracle 10 Database Instance STIG 2014-01-14

Details

Check Text ( C-1716r1_chk )
Review samples of the DBMS audit logs.

Compare to the required elements listed below:
- User ID.
- Successful and unsuccessful attempts to access security files
- Date and time of the event.
- Type of event.

If the elements listed above are not included in the audit logs at at minimum, this is a Finding.
Fix Text (F-18329r1_fix)
Configure audit settings to include the following list of elements in the audit logs at a minimum:
- User ID.
- Successful and unsuccessful attempts to access security files
- Date and time of the event.
- Type of event.