STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated just now
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to EnterpriseDB Postgres Advanced Server (EPAS) Security Technical Implementation Guide

V-259312

CAT II (Medium)

The EDB Postgres Advanced Server must generate audit records when security objects are deleted.

Rule ID

SV-259312r961818_rule

STIG

EnterpriseDB Postgres Advanced Server (EPAS) Security Technical Implementation Guide

Version

V2R1

CCIs

CCI-000172

Discussion

The removal of security objects from the database/DBMS would seriously degrade a system's information assurance posture. If such an event occurs, it must be logged.

Check Content

Execute the following SQL the "enterprisedb" operating system user:

> psql edb -c "SHOW edb_audit_statement"

If the result is not "all" or if the current setting for this requirement has not been noted and approved by the organization in the system documentation, this is a finding.

Fix Text

Execute the following SQL as the "enterprisedb" operating system user:

> psql edb -c "ALTER SYSTEM SET edb_audit_statement = 'all'"
> psql edb -c "SELECT pg_reload_conf()"

or

Update the system documentation to note the organizationally approved setting and corresponding justification of the setting for this requirement.