STIGQter STIGQter: STIG Summary: VMW vRealize Operations Manager 6.x PostgreSQL Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The vROps PostgreSQL DB must provide audit record generation for DoD-defined auditable events within all DBMS/database components.

DISA Rule

SV-98867r1_rule

Vulnerability Number

V-88217

Group Title

SRG-APP-000089-DB-000064

Rule Version

VROM-PG-000025

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

At the command prompt, execute the following commands:

# sed -i.bak "/log_line_prefix.*/ d" /storage/db/vcops/vpostgres/data/postgresql.conf
# sed -i "$ a log_line_prefix = '%m %d %u %r %p %l %c'" /storage/db/vcops/vpostgres/data/postgresql.conf
# su postgres
postgres@vRealizeClusterNode:> cd /opt/vmware/vpostgres/current
postgres@vRealizeClusterNode:> /opt/vmware/vpostgres/9.3/bin/pg_ctl restart -D /storage/db/vcops/vpostgres/data
postgres@vRealizeClusterNode:> exit

Check Contents

At the command prompt, execute the following command:

# grep '^\s*log_line_prefix\b' /storage/db/vcops/vpostgres/data/postgresql.conf

If log_line_prefix is not set to "%m %d %u %r %p %l %c", this is a finding.

Vulnerability Number

V-88217

Documentable

False

Rule Version

VROM-PG-000025

Severity Override Guidance

At the command prompt, execute the following command:

# grep '^\s*log_line_prefix\b' /storage/db/vcops/vpostgres/data/postgresql.conf

If log_line_prefix is not set to "%m %d %u %r %p %l %c", this is a finding.

Check Content Reference

M

Target Key

3445

Comments