Skip to content
Catalogs
XCCDF
Oracle Database 11.2g Security Technical Implementation Guide
SRG-APP-000100-DB-000201
The DBMS must produce audit records containing sufficient information to establish the identity of any user/subject or process associated with the event.
The DBMS must produce audit records containing sufficient information to establish the identity of any user/subject or process associated with the event. An XCCDF Rule
The DBMS must produce audit records containing sufficient information to establish the identity of any user/subject or process associated with the event.
Medium Severity
<VulnDiscussion>Information system auditing capability is critical for accurate forensic analysis. Audit record content that may be necessary to satisfy the requirement of this control includes: timestamps, source and destination addresses, user/process identifiers, event descriptions, success/fail indications, file names involved, and access control or flow control rules invoked.
Database software is capable of a range of actions on data stored within the database. It is important, for accurate forensic analysis, to know exactly who performed a given action. If user identification information is not recorded and stored with the audit record, the record itself is of very limited use.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>