OpenControls Logo

STIG Viewer

The EDB Postgres Advanced Server must generate audit records showing starting and ending time for user access to the database(s).

Overview

Finding IDVersionRule IDIA ControlsSeverity
V-259320EPAS-00-012200SV-259320r961830_ruleCCI-000172medium
Description
For completeness of forensic analysis, it is necessary to know how long a user's (or other principal's) connection to the DBMS lasts. This can be achieved by recording disconnections, in addition to logons/connections, in the audit logs. Disconnection may be initiated by the user or forced by the system (as in a timeout) or result from a system or network failure. To the greatest extent possible, all disconnections must be logged.
STIGDate
EnterpriseDB Postgres Advanced Server (EPAS) Security Technical Implementation Guide2024-08-27

Related Frameworks

4 paths across 3 frameworks
NIST 800-531 mapping
AU-12
1.00
  • DISA · V2R1 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.3.1
1.00
  • DISA · V2R1 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.3.2
1.00
  • DISA · V2R1 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000172
1.00
  • DISA · V2R1 · disa_xccdf · related

Details

Check Text (C-259320r961830_chk)

Execute the following SQL as the "enterprisedb" operating system user: > psql edb -c "SHOW edb_audit_connect" If the result is not "all" or if the current setting for this requirement has not been noted and approved by the organization in the system documentation, this is a finding.

Fix Text (F-62968r939012_fix)

Execute the following SQL as the "enterprisedb" operating system user: > psql edb -c "ALTER SYSTEM SET edb_audit_connect = 'all'" > psql edb -c "ALTER SYSTEM SET edb_audit_disconnect = 'all'" > psql edb -c "SELECT pg_reload_conf()" or Update the system documentation to note the organizationally approved setting and corresponding justification of the setting for this requirement.