STIGQter STIGQter: STIG Summary: EDB Postgres Advanced Server Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The EDB Postgres Advanced Server must generate audit records when concurrent logons/connections by the same user from different workstations occur.

DISA Rule

SV-213660r508024_rule

Vulnerability Number

V-213660

Group Title

SRG-APP-000506-DB-000353

Rule Version

PPS9-00-012300

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Execute the following SQL as enterprisedb:

ALTER SYSTEM SET edb_audit_connect = 'all';
ALTER SYSTEM SET edb_audit_disconnect = 'all';
SELECT pg_reload_conf();

or

Update the system documentation to note the organizationally approved setting and corresponding justification of the setting for this requirement.

Check Contents

Execute the following SQL as enterprisedb:

SHOW edb_audit_connect;

If the result is not "all" or if the current setting for this requirement has not been noted and approved by the organization in the system documentation, this is a finding.

Vulnerability Number

V-213660

Documentable

False

Rule Version

PPS9-00-012300

Severity Override Guidance

Execute the following SQL as enterprisedb:

SHOW edb_audit_connect;

If the result is not "all" or if the current setting for this requirement has not been noted and approved by the organization in the system documentation, this is a finding.

Check Content Reference

M

Target Key

3988

Comments