STIGQter STIGQter: STIG Summary: EDB Postgres Advanced Server Security Technical Implementation Guide Version: 1 Release: 6 Benchmark Date: 25 Oct 2019: The EDB Postgres Advanced Server must utilize centralized management of the content captured in audit records generated by all components of the EDB Postgres Advanced Server.

DISA Rule

SV-83597r1_rule

Vulnerability Number

V-68993

Group Title

SRG-APP-000356-DB-000314

Rule Version

PPS9-00-007700

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Install a centralized log collecting tool and configure it as instructed in its documentation.

If using PEM, find the instructions at
http://www.enterprisedb.com/docs/en/6.0/pemgetstarted/toc.html

Check Contents

If a centralized log collecting tool such as Postgres Enterprise Manager (PEM) is not installed and configured to automatically collect audit logs, this is a finding.

Review the system documentation for a description of how audit records are off-loaded and how local audit log space is managed.

Vulnerability Number

V-68993

Documentable

False

Rule Version

PPS9-00-007700

Severity Override Guidance

If a centralized log collecting tool such as Postgres Enterprise Manager (PEM) is not installed and configured to automatically collect audit logs, this is a finding.

Review the system documentation for a description of how audit records are off-loaded and how local audit log space is managed.

Check Content Reference

M

Target Key

2933

Comments