SV-76085r2_rule
V-61595
SRG-APP-000063-DB-000018
O121-C2-004200
CAT II
10
Configure DBMS auditing so that all use of privileged accounts is recorded in the audit log.
Review auditing configuration.
If it is possible for a privileged user/role to access non-security functions or information without having the action recorded in the audit log, this is a finding.
To obtain a list of unified auditing policies that have been defined, run the query:
SELECT unique policy_name from AUDIT_UNIFIED_POLICIES;
To obtain a list of unified auditing policies that have been enabled and the users for which it has been enabled, run the query:
SELECT unique policy_name, user_name from AUDIT_UNIFIED_ENABLED_POLICIES;
Unless otherwise required, verify that user_name is set to 'ALL USERS' to insure that the activity of administrative users is being logged.
V-61595
False
O121-C2-004200
Review auditing configuration.
If it is possible for a privileged user/role to access non-security functions or information without having the action recorded in the audit log, this is a finding.
To obtain a list of unified auditing policies that have been defined, run the query:
SELECT unique policy_name from AUDIT_UNIFIED_POLICIES;
To obtain a list of unified auditing policies that have been enabled and the users for which it has been enabled, run the query:
SELECT unique policy_name, user_name from AUDIT_UNIFIED_ENABLED_POLICIES;
Unless otherwise required, verify that user_name is set to 'ALL USERS' to insure that the activity of administrative users is being logged.
M
2679