UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Audit records should contain required information.


Overview

Finding ID Version Rule ID IA Controls Severity
V-15646 DG0145-ORACLE10 SV-24971r1_rule ECAR-1 ECAR-2 ECAR-3 Medium
Description
Complete forensically valuable data may be unavailable or accountability may be jeopardized when audit records do not contain sufficient information.
STIG Date
Oracle 10 Database Instance STIG 2014-01-14

Details

Check Text ( C-1716r1_chk )
Review samples of the DBMS audit logs.

Compare to the required elements listed below:
- User ID.
- Successful and unsuccessful attempts to access security files
- Date and time of the event.
- Type of event.

If the elements listed above are not included in the audit logs at at minimum, this is a Finding.
Fix Text (F-18329r1_fix)
Configure audit settings to include the following list of elements in the audit logs at a minimum:
- User ID.
- Successful and unsuccessful attempts to access security files
- Date and time of the event.
- Type of event.