STIGQter: STIG Summary: IBM DB2 V10.5 LUW Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 25 Oct 2019:

DB2 must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements.

DISA Rule

SV-89243r1_rule

Vulnerability Number

V-74569

Group Title

SRG-APP-000357-DB-000316

Rule Version

DB2X-00-007500

Severity

CAT II

CCI(s)

• CCI-001849 - The organization allocates audit record storage capacity in accordance with organization-defined audit record storage requirements.

Weight

10

Fix Recommendation

Allocate space to the file system where the audit data directory resides.

Check Contents

Run the following command to find the location of the audit data directory:

$db2audit describe

Note the location of audit data directory.

Check the operating system log records find out if there has been any out of space event for that location.

If there has been any out of space event for audit data directory, this is a finding.

Take samples of peak database activity and measure the space utilized in the audit data directory location during that time.

If the audit data directory is not sized to handle the workload between audit archiving intervals this is a finding.

Vulnerability Number

V-74569

Documentable

False

Rule Version

DB2X-00-007500

Severity Override Guidance

Run the following command to find the location of the audit data directory:

$db2audit describe

Note the location of audit data directory.

Check the operating system log records find out if there has been any out of space event for that location.

If there has been any out of space event for audit data directory, this is a finding.

Take samples of peak database activity and measure the space utilized in the audit data directory location during that time.

If the audit data directory is not sized to handle the workload between audit archiving intervals this is a finding.

Check Content Reference

M

Target Key

3161

Comments