STIGQter: STIG Summary: VMware vSphere 6.7 PostgreSQL Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 09 Mar 2021:

VMware Postgres log files must contain required fields.

DISA Rule

SV-239197r717050_rule

Vulnerability Number

V-239197

Group Title

SRG-APP-000089-DB-000064

Rule Version

VCPG-67-000002

Severity

CAT II

CCI(s)

CCI-000169 - The information system provides audit record generation capability for the auditable events defined in AU-2 a. at organization-defined information system components.

Weight

Fix Recommendation

At the command prompt, execute the following commands:

# /opt/vmware/vpostgres/current/bin/psql -U postgres -c "ALTER SYSTEM SET log_line_prefix TO '%m %c %x %d %u %r %p %l ';"

# /opt/vmware/vpostgres/current/bin/psql -U postgres -c "SELECT pg_reload_conf();"

Check Contents

At the command prompt, execute the following command:

# /opt/vmware/vpostgres/current/bin/psql -U postgres -c "SHOW log_line_prefix;"|sed -n 3p|sed -e 's/^[ ]*//'

Expected result:

%m %c %x %d %u %r %p %l

If the output does not match the expected result, this is a finding.

Vulnerability Number

V-239197

Documentable

False

Rule Version

VCPG-67-000002

Severity Override Guidance

Check Content Reference

Target Key

5324

VMware Postgres log files must contain required fields.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments