Check: EPAS-00-008300
EnterpriseDB Postgres Advanced Server (EPAS) STIG:
EPAS-00-008300
(in version v1 r1)
Title
The EDB Postgres Advanced Server must generate time stamps for audit records and application data, with a minimum granularity of one second. (Cat II impact)
Discussion
Without sufficient granularity of time stamps, it is not possible to adequately determine the chronological order of records. Time stamps generated by the DBMS must include date and time. Granularity of time measurements refers to the precision available in time stamp values. Granularity coarser than one second is not sufficient for audit trail purposes. Time stamp values are typically presented with three or more decimal places of seconds; however, the actual granularity may be coarser than the apparent precision. Some DBMS products offer a data type called TIMESTAMP that is not a representation of date and time. Rather, it is a database state counter and does not correspond to calendar and clock time. This requirement does not refer to that meaning of TIMESTAMP.
Check Content
As the "enterprisedb" operating system user, run the following to verify the log_line_prefix parameter setting: > psql edb -c "SHOW log_line_prefix" If log_line_prefix is not set to "%m" (Timestamp in milliseconds) , this is a finding.
Fix Text
As the "enterprisedb" operating system user, run the following to set the log_line_prefix parameter to "%m" (Timestamps in milliseconds) > psql edb -c "ALTER SYSTEM SET log_line_prefix = '%m'" Next, reload the parameter file: > psql edb -c "SELECT pg_reload_conf()" Confirm the new value: > psql edb -c "SHOW log_line_prefix"
Additional Identifiers
Rule ID: SV-259282r938899_rule
Vulnerability ID: V-259282
Group Title: SRG-APP-000375-DB-000323
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001889 |
The information system records time stamps for audit records that meet organization-defined granularity of time measurement. |
Controls
Number | Title |
---|---|
AU-8 |
Time Stamps |