V-58107
The DBMS must generate audit records when successful logons or connections occur.
Finding ID
SRG-APP-000503-DB-000350
Rule ID
SV-72537r1_rule
Severity
CCE
(None)
Group Title
SRG-APP-000503-DB-000350
CCI
CCI-000172
Target Key
(None)
Documentable
No
Discussion
For completeness of forensic analysis, it is necessary to track who/what (a user or other principal) logs on to the DBMS.
Fix Text
Configure DBMS audit settings to generate an audit record each time a user (or other principal) logs on or connects to the DBMS. Ensure that the audit record contains the time of the event, the user ID, and session identifier.
Check Content
Review the DBMS audit settings. If an audit record is not generated each time a user (or other principal) logs on or connects to the DBMS, this is a finding.