STIGQter STIGQter: STIG Summary: Oracle Database 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

A minimum of two Oracle redo log groups/files must be defined and configured to be stored on separate, archived physical disks or archived directories on a RAID device.

DISA Rule

SV-219828r533025_rule

Vulnerability Number

V-219828

Group Title

SRG-APP-000516-DB-000363

Rule Version

O121-BP-021600

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

To define additional redo log file groups:

From SQL*Plus (Example):

alter database add logfile group 2
('diska:log2.log' ,
'diskb:log2.log') size 50K;

To add additional redo log file [members] to an existing redo log file group:

From SQL*Plus (Example):

alter database add logfile member 'diskc:log2.log'
to group 2;

Replace diska, diskb, diskc with valid, different disk drive specifications.

Replace log#.log file with valid or custom names for the log files.

Check Contents

From SQL*Plus:

select count(*) from V$LOG;

If the value of the count returned is less than 2, this is a finding.

From SQL*Plus:

select count(*) from V$LOG where members > 1;

If the value of the count returned is less than 2 and a RAID storage device is not being used, this is a finding.

Vulnerability Number

V-219828

Documentable

False

Rule Version

O121-BP-021600

Severity Override Guidance

From SQL*Plus:

select count(*) from V$LOG;

If the value of the count returned is less than 2, this is a finding.

From SQL*Plus:

select count(*) from V$LOG where members > 1;

If the value of the count returned is less than 2 and a RAID storage device is not being used, this is a finding.

Check Content Reference

M

Target Key

4059

Comments