Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The vRA PostgreSQL database must set the log_statement to all.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-89425 | VRAU-PG-000415 | SV-100075r1_rule | Medium |
| Description |
|---|
| Changes in categories of information must be tracked. Without an audit trail, unauthorized access to protected data could go undetected. For detailed information on categorizing information, refer to FIPS Publication 199, Standards for Security Categorization of Federal Information and Information Systems, and FIPS Publication 200, Minimum Security Requirements for Federal Information and Information Systems. |
| STIG | Date |
|---|---|
| VMW vRealize Automation 7.x PostgreSQL Security Technical Implementation Guide | 2018-10-12 |
Details
| Check Text ( C-89117r1_chk ) |
|---|
| At the command prompt, execute the following command: # grep '^\s*log_statement\b' /storage/db/pgdata/postgresql.conf If "log_statement" is not "all", this is a finding. |
| Fix Text (F-96167r1_fix) |
|---|
| At the command prompt, execute the following commands: # /opt/vmware/vpostgres/current/bin/psql -U postgres -c "ALTER SYSTEM SET log_statement TO 'all';" # /opt/vmware/vpostgres/current/bin/psql -U postgres -c "SELECT pg_reload_conf();" |