From EDB Postgres Advanced Server Security Technical Implementation Guide
Part of SRG-APP-000096-DB-000040
Associated with: CCI-000131
Information system auditing capability is critical for accurate forensic analysis. Without establishing when events occurred, it is impossible to establish, correlate, and investigate the events relating to an incident.
Execute the following SQL as enterprisedb: SHOW edb_audit_statement; If the result is not "all" or if the current setting for this requirement has not been noted and approved by the organization in the system documentation, this is a finding.
Execute the following SQL as enterprisedb: ALTER SYSTEM SET edb_audit_statement = 'all'; SELECT pg_reload_conf(); or Update the system documentation to note the organizationally approved setting and corresponding justification of the setting for this requirement.
Lavender hyperlinks in small type off to the right (of CSS
class id
, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle
or
Accept: application/rdf+xml
.
Powered by sagemincer