STIGQter STIGQter: STIG Summary: EDB Postgres Advanced Server Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The EDB Postgres Advanced Server must utilize centralized management of the content captured in audit records generated by all components of the EDB Postgres Advanced Server.

DISA Rule

SV-213620r508024_rule

Vulnerability Number

V-213620

Group Title

SRG-APP-000356-DB-000314

Rule Version

PPS9-00-007700

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Install a centralized log collecting tool and configure it as instructed in its documentation.

If using PEM, find the instructions at
http://www.enterprisedb.com/docs/en/6.0/pemgetstarted/toc.html

Check Contents

If a centralized log collecting tool such as Postgres Enterprise Manager (PEM) is not installed and configured to automatically collect audit logs, this is a finding.

Review the system documentation for a description of how audit records are off-loaded and how local audit log space is managed.

Vulnerability Number

V-213620

Documentable

False

Rule Version

PPS9-00-007700

Severity Override Guidance

If a centralized log collecting tool such as Postgres Enterprise Manager (PEM) is not installed and configured to automatically collect audit logs, this is a finding.

Review the system documentation for a description of how audit records are off-loaded and how local audit log space is managed.

Check Content Reference

M

Target Key

3988

Comments