The DBMS must generate audit records when successful logons or connections occur.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-206630 | SRG-APP-000503-DB-000350 | SV-206630r961824_rule | CCI-000172 | medium |
| Description | ||||
| For completeness of forensic analysis, it is necessary to track who/what (a user or other principal) logs on to the DBMS. | ||||
| STIG | Date | |||
| Database Security Requirements Guide | 2024-12-04 | |||
Details
Check Text (C-206630r961824_chk)
Review the DBMS audit settings. If an audit record is not generated each time a user (or other principal) logs on or connects to the DBMS, this is a finding.
Fix Text (F-6890r291559_fix)
Configure DBMS audit settings to generate an audit record each time a user (or other principal) logs on or connects to the DBMS. Ensure that the audit record contains the time of the event, the user ID, and session identifier.