STIGQter STIGQter: STIG Summary: EDB Postgres Advanced Server v11 on Windows Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The EDB Postgres Advanced Server must provide centralized configuration of the content to be captured in audit records generated by all components of the EDB Postgres Advanced Server.

DISA Rule

SV-224196r508023_rule

Vulnerability Number

V-224196

Group Title

SRG-APP-000356-DB-000315

Rule Version

EP11-00-007800

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

If managing multiple EDB Postgres Advanced Server clusters (i.e., instances), install a centralized audit log management tool and configure it as instructed in its documentation.

If using PEM, find the instructions at
https://www.enterprisedb.com/docs/en/7.0/pemgetstarted/toc.html

Check Contents

If managing only single EDB Postgres Advanced Server clusters, this is not a finding.

If managing multiple EDB Postgres Advanced Server clusters and a unified tool for audit configuration such as PEM (Postgres Enterprise Manager) is not installed to configure and manage audit logs, this is a finding.

Review the system documentation for a description of how audit records are off-loaded and how local audit log space is managed.

Vulnerability Number

V-224196

Documentable

False

Rule Version

EP11-00-007800

Severity Override Guidance

If managing only single EDB Postgres Advanced Server clusters, this is not a finding.

If managing multiple EDB Postgres Advanced Server clusters and a unified tool for audit configuration such as PEM (Postgres Enterprise Manager) is not installed to configure and manage audit logs, this is a finding.

Review the system documentation for a description of how audit records are off-loaded and how local audit log space is managed.

Check Content Reference

M

Target Key

4107

Comments