STIGQter: STIG Summary: VMW vRealize Operations Manager 6.x PostgreSQL Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The vROps PostgreSQL DB must include additional, more detailed, organization-defined information in the audit records for audit events identified by type, location, or subject.

DISA Rule

SV-98889r1_rule

Vulnerability Number

V-88239

Group Title

SRG-APP-000101-DB-000044

Rule Version

VROM-PG-000085

Severity

CAT II

CCI(s)

CCI-000135 - The information system generates audit records containing the organization-defined additional, more detailed information that is to be included in the audit records.

Weight

Fix Recommendation

At the command prompt, execute the following commands:

# /opt/vmware/vpostgres/current/bin/psql -U postgres -c "ALTER SYSTEM SET log_line_prefix TO '%m %d %u %r %p %l %c';"
# /opt/vmware/vpostgres/current/bin/psql -U postgres -c "SELECT pg_reload_conf();"

Check Contents

At the command prompt, execute the following command:

# grep '^\s*log_line_prefix\b' /storage/db/vcops/vpostgres/data/postgresql.conf

If log_line_prefix is not set to "%m %d %u %r %p %l %c", this is a finding.

The vROps PostgreSQL DB must include additional, more detailed, organization-defined information in the audit records for audit events identified by type, location, or subject.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments