STIGQter: STIG Summary: Oracle Database 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: Oracle Database 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:SV-237747r667273_rule
V-237747
SRG-APP-000515-DB-000318
O121-P2-008100
CAT II
10
Configure the DBMS or deploy and configure software tools to transfer audit records to a centralized log management system, continuously and in near-real-time where a continuous network connection to the log management system exists, or at least weekly in the absence of such a connection.
For more information on auditing, refer to the following documents:
https://docs.oracle.com/database/121/DBSEG/auditing.htm#DBSEG1024
Review the system documentation for a description of how audit records are off-loaded.
If the DBMS has a continuous network connection to the centralized log management system, but the DBMS audit records are not written directly to the centralized log management system or transferred in near-real-time, this is a finding.
If the DBMS does not have a continuous network connection to the centralized log management system, and the DBMS audit records are not transferred to the centralized log management system weekly or more often, this is a finding.
V-237747
False
O121-P2-008100
Review the system documentation for a description of how audit records are off-loaded.
If the DBMS has a continuous network connection to the centralized log management system, but the DBMS audit records are not written directly to the centralized log management system or transferred in near-real-time, this is a finding.
If the DBMS does not have a continuous network connection to the centralized log management system, and the DBMS audit records are not transferred to the centralized log management system weekly or more often, this is a finding.
M
4059