STIGQter STIGQter: STIG Summary: Oracle Database 11g Instance STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017: Required auditing parameters for database auditing should be set.

DISA Rule

SV-24615r2_rule

Vulnerability Number

V-5685

Group Title

Database auditing

Rule Version

DG0029-ORACLE11

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Enable database auditing.

Select the desired audit trail format (external file or internal database table).

From SQL*Plus:
alter system set audit_trail= [audit trail format] scope=spfile;

Compliant selections for [audit trail format] are (per MetaLink Note 30690.1):

Oracle 11.1 – 11.2 = 'true', 'os' & 'db' (true = os for backward compatibility)
Oracle 11.1 – 11.2 = 'db_extended', 'xml' & 'xml, extended'

The above SQL*Plus command will set the parameter to take effect at next system startup.

Check Contents

From SQL*Plus:
select value from v$parameter where name = 'audit_trail';

If the value returned is NONE, this is a Finding.

Vulnerability Number

V-5685

Documentable

False

Rule Version

DG0029-ORACLE11

Severity Override Guidance

From SQL*Plus:
select value from v$parameter where name = 'audit_trail';

If the value returned is NONE, this is a Finding.

Check Content Reference

M

Responsibility

Database Administrator

Target Key

1367

Comments