The DBMS must generate audit records when successful logons or connections occur.

An XCCDF Rule

Description

For completeness of forensic analysis, it is necessary to track who/what (a user or other principal) logs on to the DBMS.

ID: SV-206630r961824_rule
Version: SRG-APP-000503-DB-000350
Severity: Medium
References: CCI-000172
Updated: about 2 months ago

Remediation Templates

Configure DBMS audit settings to generate an audit record each time a user (or other principal) logs on or connects to the DBMS. Ensure that the audit record contains the time of the event, the user ID, and session identifier.