STIGQter STIGQter: STIG Summary: Oracle MySQL 8.0 Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Jan 2021:

The MySQL Database Server 8.0 must utilize centralized management of the content captured in audit records generated by all components of the MySQL Database Server 8.0.

DISA Rule

SV-235171r638812_rule

Vulnerability Number

V-235171

Group Title

SRG-APP-000356-DB-000314

Rule Version

MYS8-00-009400

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure and/or deploy software tools to ensure that MySQL Server audit records are written directly to or systematically transferred to a centralized log management system.

Check Contents

Review the system documentation for a description of how audit records are off-loaded and how local audit log space is managed.

If the MySQL Server audit records are not written directly to or systematically transferred to a centralized log management system, this is a finding.

Vulnerability Number

V-235171

Documentable

False

Rule Version

MYS8-00-009400

Severity Override Guidance

Review the system documentation for a description of how audit records are off-loaded and how local audit log space is managed.

If the MySQL Server audit records are not written directly to or systematically transferred to a centralized log management system, this is a finding.

Check Content Reference

M

Target Key

5277

Comments