STIGQter: STIG Summary: MS SQL Server 2016 Instance Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

SQL Server must provide a warning to appropriate support staff when allocated audit record storage volume reaches 75% of maximum audit record storage capacity.

DISA Rule

SV-213984r617437_rule

Vulnerability Number

V-213984

Group Title

SRG-APP-000359-DB-000319

Rule Version

SQL6-D0-011000

Severity

CAT II

CCI(s)

• CCI-001855 - The information system provides a warning to organization-defined personnel, roles, and/or locations within an organization-defined time period when allocated audit record storage volume reaches an organization-defined percentage of repository maximum audit record storage capacity.

Weight

10

Fix Recommendation

Utilize operating system alerting mechanisms, SQL Agent, Operations Management tools, and/or third-party tools to configure the system to notify appropriate support staff immediately upon storage volume utilization reaching 75%.

Check Contents

The operating system and SQL Server offer a number of methods for checking the drive or volume free space. Locate the destination drive where SQL Audits are stored and review system configuration.

If no alert exist to notify support staff in the event the SQL Audit drive reaches 75%, this is a finding.

Vulnerability Number

V-213984

Documentable

False

Rule Version

SQL6-D0-011000

Severity Override Guidance

The operating system and SQL Server offer a number of methods for checking the drive or volume free space. Locate the destination drive where SQL Audits are stored and review system configuration.

If no alert exist to notify support staff in the event the SQL Audit drive reaches 75%, this is a finding.

Check Content Reference

M

Target Key

3993

Comments