STIGQter: STIG Summary: PostgreSQL 9.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

PostgreSQL must provide an immediate real-time alert to appropriate support staff of all audit log failures.

DISA Rule

SV-214072r508027_rule

Vulnerability Number

V-214072

Group Title

SRG-APP-000360-DB-000320

Rule Version

PGS9-00-002700

Severity

CAT II

CCI(s)

• CCI-001858 - The information system provides a real-time alert in an organization-defined real-time period to organization-defined personnel, roles, and/or locations when organization-defined audit failure events requiring real-time alerts occur.

Weight

10

Fix Recommendation

Configure the system to provide an immediate real-time alert to appropriate support staff when an audit log failure occurs.

It is possible to create scripts or implement third-party tools to enable real-time alerting for audit failures in PostgreSQL.

Check Contents

Review DBMS, OS, or third-party logging software settings to determine whether a real-time alert will be sent to the appropriate personnel when auditing fails for any reason.

If real-time alerts are not sent upon auditing failure, this is a finding

Vulnerability Number

V-214072

Documentable

False

Rule Version

PGS9-00-002700

Severity Override Guidance

Review DBMS, OS, or third-party logging software settings to determine whether a real-time alert will be sent to the appropriate personnel when auditing fails for any reason.

If real-time alerts are not sent upon auditing failure, this is a finding

Check Content Reference

M

Target Key

3994

Comments