← Back to VMW vRealize Automation 7.x PostgreSQL Security Technical Implementation Guide

V-240306

CAT II (Medium)

The vRA PostgreSQL database must be configured to use a syslog facility.

Rule ID

SV-240306r668762_rule

STIG

VMW vRealize Automation 7.x PostgreSQL Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-001888

Discussion

It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected. The appropriate support staff include, at a minimum, the ISSO and the DBA/SA. Alerts provide organizations with urgent messages. Real-time alerts provide these messages immediately (i.e., the time from event detection to alert occurs in seconds or less).

Check Content

At the command prompt, execute the following command:

# grep '^\s*logging_collector\b' /storage/db/pgdata/postgresql.conf

If "logging_collector" is not "on", this is a finding.

Fix Text

At the command prompt, execute the following commands:

# /opt/vmware/vpostgres/current/bin/psql -U postgres -c "ALTER SYSTEM SET logging_collector TO 'on';"
# /opt/vmware/vpostgres/current/bin/psql -U postgres -c "SELECT pg_reload_conf();"