Audit trail data should be reviewed daily or more frequently.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-3827 | DG0095-ORACLE11 | SV-24405r1_rule | Medium |
| Description |
|---|
| Review of audit trail data provides a means for detection of unauthorized access or attempted access. Frequent and regularly scheduled reviews ensures that such access is discovered in a timely manner. |
| STIG | Date |
|---|---|
| Oracle Database 11g Installation STIG | 2017-06-29 |
Details
| Check Text ( C-29224r1_chk ) |
|---|
| If the database being reviewed is not a production database, this check is Not a Finding. Review policy and procedures documented or noted in the System Security plan as well as evidence of implementation for daily audit trail monitoring. If policy and procedures are not documented or evidence of implementation is not available, this is a Finding. |
| Fix Text (F-26245r1_fix) |
|---|
| Develop, document and implement policy and procedures to monitor audit trail data daily. |