STIGQter STIGQter: STIG Summary: EDB Postgres Advanced Server v11 on Windows Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The EDB Postgres Advanced Server must include additional, more detailed, organization-defined information in the audit records for audit events identified by type, location, or subject.

DISA Rule

SV-224145r508023_rule

Vulnerability Number

V-224145

Group Title

SRG-APP-000101-DB-000044

Rule Version

EP11-00-002200

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Execute the following SQL to set additional detailed information for the audit records in the session:

set edb_audit_tag = '<information>';

Replace <information> with a character string holding the additional data that must be captured.

To set this in a trigger, an example is included below. Keep in mind that the edb_audit_tag is set for the life of the session, not just the life of the insert command:

CREATE OR REPLACE FUNCTION add_audit_info()
RETURNS trigger AS
$BODY
$BEGIN
SET edb_audit_tag = '<information>';
RETURN NEW;
END;
$BODY
$LANGUAGE plpgsql;

CREATE TRIGGER add_audit_info_trigger
BEFORE INSERT
ON <table>
FOR EACH ROW
EXECUTE PROCEDURE add_audit_info();

Check Contents

Review the system documentation to identify what additional information the organization has determined necessary.

Check application and database design, and existing audit records to verify that all organization-defined additional, more detailed information is in the audit records for audit events identified by type, location, or subject.

If any additional information is defined and is not included in the audit records, this is a finding.

Vulnerability Number

V-224145

Documentable

False

Rule Version

EP11-00-002200

Severity Override Guidance

Review the system documentation to identify what additional information the organization has determined necessary.

Check application and database design, and existing audit records to verify that all organization-defined additional, more detailed information is in the audit records for audit events identified by type, location, or subject.

If any additional information is defined and is not included in the audit records, this is a finding.

Check Content Reference

M

Target Key

4107

Comments