UCF STIG Viewer Logo

The DBMS must generate audit records when successful logons or connections occur.


Overview

Finding ID Version Rule ID IA Controls Severity
V-206630 SRG-APP-000503-DB-000350 SV-206630r961824_rule Medium
Description
For completeness of forensic analysis, it is necessary to track who/what (a user or other principal) logs on to the DBMS.
STIG Date
Database Security Requirements Guide 2024-06-20

Details

Check Text ( C-6890r291558_chk )
Review the DBMS audit settings. If an audit record is not generated each time a user (or other principal) logs on or connects to the DBMS, this is a finding.
Fix Text (F-6890r291559_fix)
Configure DBMS audit settings to generate an audit record each time a user (or other principal) logs on or connects to the DBMS. Ensure that the audit record contains the time of the event, the user ID, and session identifier.