An error occurred:

Check: SRG-APP-000356-DB-000315

Database SRG: SRG-APP-000356-DB-000315 (in versions v3 r4 through v2 r10)

Title

The DBMS must provide centralized configuration of the content to be captured in audit records generated by all components of the DBMS. (Cat II impact)

Discussion

If the configuration of the DBMS's auditing is spread across multiple locations in the database management software, or across multiple commands, only loosely related, it is harder to use and takes longer to reconfigure in response to events. The DBMS must provide a unified tool for audit configuration.

Check Content

Review DBMS vendor documentation. If the DBMS does not provide a unified tool for audit configuration, this is a finding.

Fix Text

Deploy a DBMS that provides a unified tool for audit configuration.

Additional Identifiers

Rule ID: SV-206590r879729_rule

Vulnerability ID: V-206590

Group Title: SRG-APP-000356

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001844

The information system provides centralized management and configuration of the content to be captured in audit records generated by organization-defined information system components.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AU-3 (2)

Centralized Management Of Planned Audit Record Content