STIGQter: STIG Summary: EDB Postgres Advanced Server v11 on Windows Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020: STIGQter: STIG Summary: EDB Postgres Advanced Server v11 on Windows Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:SV-224134r508023_rule
V-224134
SRG-APP-000089-DB-000064
EP11-00-001000
CAT II
10
Configure the DBMS's auditing to audit organization-defined auditable events.
Execute the following SQL as enterprisedb to ensure that EDB Auditing is enabled:
ALTER SYSTEM SET edb_audit = csv;
SELECT pg_reload_conf();
or
ALTER SYSTEM SET edb_audit = xml;
SELECT pg_reload_conf();
Configure EDB audit settings to audit organization-defined auditable events in accordance with the information documented in the EDB Postgres Advanced Server Guide.
Verify, using vendor and system documentation if necessary, that the DBMS is configured to use EDB's auditing features and configured to satisfy this requirement.
Execute the following SQL as the enterprisedb database user or another database superuser to check if EDB auditing is enabled:
SHOW edb_audit;
If the result is not "csv" or "xml", this is a finding.
If organization-defined auditable events are not being audited, this is a finding.
V-224134
False
EP11-00-001000
Verify, using vendor and system documentation if necessary, that the DBMS is configured to use EDB's auditing features and configured to satisfy this requirement.
Execute the following SQL as the enterprisedb database user or another database superuser to check if EDB auditing is enabled:
SHOW edb_audit;
If the result is not "csv" or "xml", this is a finding.
If organization-defined auditable events are not being audited, this is a finding.
M
4107