Title

The EDB Postgres Advanced Server must record time stamps in audit records and application data that can be mapped to Coordinated Universal Time (UTC, formerly GMT). (Cat II impact)

Discussion

If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis. Time stamps generated by the DBMS must include date and time. Time is commonly expressed in Coordinated Universal Time (UTC), a modern continuation of Greenwich Mean Time (GMT), or local time with an offset from UTC.

Check Content

As the "enterprisedb" operating system user, run the following to show the current log_timezone setting: > psql -d edb -c "SHOW log_timezone" If anything other than "UTC" is returned, this is a finding.

Fix Text

As the "enterprisedb" operating system user, run the following to set the log_timezone parameter: > psql edb -c "ALTER SYSTEM SET log_timezone = 'UTC'" Next, reload the parameter file: psql edb -c "SELECT pg_reload_conf()" Confirm the new value: psql edb -c "SHOW log_timezone"

Additional Identifiers

Rule ID: SV-259281r938896_rule

Vulnerability ID: V-259281

Group Title: SRG-APP-000374-DB-000322

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.