The Cassandra database must initiate session auditing upon startup.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-72631 | VROM-CS-000030 | SV-87263r1_rule | Medium |
| Description |
|---|
| Session auditing is for use when a user's activities are under investigation. To be sure of capturing all activity during those periods when session auditing is in use, it needs to be in operation for the whole time the DBMS is running. |
| STIG | Date |
|---|---|
| vRealize - Cassandra Security Technical Implementation Guide | 2017-06-06 |
Details
| Check Text ( C-72785r1_chk ) |
|---|
| Review the Cassandra Server configuration to ensure session auditing is initiated upon startup. At the command prompt, execute the following command: # grep ' If level is not set to "ALL", this is a finding. |
| Fix Text (F-79033r1_fix) |
|---|
| Configure the Cassandra Server to initiate session auditing upon startup. At the command line execute the following command: # sed -i 's/^\(\s*\) |